ports/102968: [patch] security/rkhunter

Gabor Kovesdan gabor at FreeBSD.org
Thu Sep 7 08:10:13 UTC 2006


>Number:         102968
>Category:       ports
>Synopsis:       [patch] security/rkhunter
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 07 08:10:11 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Gabor Kovesdan
>Release:        FreeBSD 6.1-RELEASE-p3 amd64
>Organization:
n/a
>Environment:
System: FreeBSD server.t-hosting.hu 6.1-RELEASE-p3 FreeBSD 6.1-RELEASE-p3 #0: Sat Aug 19 11:08:15 CEST 2006 root at server.t-hosting.hu:/usr/src/sys/amd64/compile/FREEBSD amd64

>Description:

- Add periodic script to ease the maintenance
- Bump PORTREVISION
- Take maintainership

>How-To-Repeat:
>Fix:

--- rkhunter.diff begins here ---
Index: Makefile
===================================================================
RCS file: /usr/cvs/ports/security/rkhunter/Makefile,v
retrieving revision 1.17
diff -u -r1.17 Makefile
--- Makefile	6 Sep 2006 01:30:47 -0000	1.17
+++ Makefile	7 Sep 2006 07:49:53 -0000
@@ -7,11 +7,11 @@
 
 PORTNAME=	rkhunter
 PORTVERSION=	1.2.8
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	http://downloads.rootkit.nl/
 
-MAINTAINER=	ports at FreeBSD.org
+MAINTAINER=	gkovesdan at t-hosting.hu
 COMMENT=	Rootkit detection tool
 
 OPTIONS=	LSOF "Use LSOF" on \
@@ -23,6 +23,7 @@
 WRKSRC=		${WRKDIR}/${PORTNAME}
 USE_PERL5=	yes
 NO_BUILD=	yes
+SUB_FILES=	415.rkhunter
 
 MAN8=		rkhunter.8
 MANCOMPRESSED=	no
@@ -42,12 +43,14 @@
 do-install:
 	cd ${WRKSRC} && ./installer.sh --installdir ${PREFIX}
 	${INSTALL_MAN} ${WRKSRC}/files/development/rkhunter.8 ${MAN8PREFIX}/man/man8
+	@${MKDIR} ${PREFIX}/etc/periodic/security
+	${INSTALL_DATA} ${WRKDIR}/415.rkhunter ${PREFIX}/etc/periodic/security
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
 	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${DOCSDIR}
 .endif
 
 post-install:
-	    @${CAT} ${PKGMESSAGE}
+	@${CAT} ${PKGMESSAGE}
 
 .include <bsd.port.post.mk>
Index: pkg-message
===================================================================
RCS file: /usr/cvs/ports/security/rkhunter/pkg-message,v
retrieving revision 1.1
diff -u -r1.1 pkg-message
--- pkg-message	2 Jan 2006 23:19:50 -0000	1.1
+++ pkg-message	7 Sep 2006 07:44:56 -0000
@@ -1,8 +1,14 @@
 
-**********************************************
-NOTICE:
+******************************************************************************
 
-     Keep your database up-to-date by running
-     "rkhunter --update" frequently.
+You should keep your rkhunter database up-to-date.
+This can be done automatically by putting this line to /etc/periodic.conf:
 
-**********************************************
+daily_rkhunter_update_enable="YES"
+
+Also, you can run rkhunter as a part of the daily security check by
+putting this line to /etc/periodic.conf:
+
+daily_rkhunter_check_enable="YES"
+
+******************************************************************************
Index: pkg-plist
===================================================================
RCS file: /usr/cvs/ports/security/rkhunter/pkg-plist,v
retrieving revision 1.5
diff -u -r1.5 pkg-plist
--- pkg-plist	29 Apr 2006 00:49:20 -0000	1.5
+++ pkg-plist	6 Sep 2006 12:02:51 -0000
@@ -1,6 +1,7 @@
 bin/rkhunter
 @unexec if cmp -s %D/etc/rkhunter.conf %D/etc/rkhunter.conf.sample; then rm -f %D/etc/rkhunter.conf; fi
 etc/rkhunter.conf.sample
+etc/periodic/security/155.rkhunter
 lib/rkhunter/db/backdoorports.dat
 lib/rkhunter/db/defaulthashes.dat
 lib/rkhunter/db/md5blacklist.dat
Index: files/415.rkhunter.in
===================================================================
RCS file: files/415.rkhunter.in
diff -N files/415.rkhunter.in
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/415.rkhunter.in	7 Sep 2006 07:52:42 -0000
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# This is a maintenance shell script for the rkhunter security tool.
+# You can enable this script in /etc/periodic.conf file by putting these lines into it:
+#	daily_rkhunter_update_enable="YES"
+#	daily_rkhunter_check_enable="YES"
+#
+# Written by: Gabor Kovesdan <gabor at FreeBSD.org>
+
+if [ -r /etc/defaults/periodic.conf ]; then
+   . /etc/defaults/periodic.conf
+   source_periodic_confs
+fi
+
+case "$daily_rkhunter_update_enable" in
+  [Yy][Ee][Ss])
+
+	echo ""
+	echo "Updating the rkhunter database..."
+	%%PREFIX%%/bin/rkhunter --update
+	;;
+esac
+
+case "$daily_rkhunter_check_enable" in
+  [Yy][Ee][Ss])
+
+	echo ""
+	echo "Running rkhunter..."
+	%%PREFIX%%/bin/rkhunter --checkall --cronjob --skip-keypress
+	;;
+esac
--- rkhunter.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-ports-bugs mailing list