svn commit: r356789 - in head/security/rkhunter: . files
Adam Weinberger
adamw at FreeBSD.org
Fri Jun 6 14:24:50 UTC 2014
Author: adamw
Date: Fri Jun 6 14:24:49 2014
New Revision: 356789
URL: http://svnweb.freebsd.org/changeset/ports/356789
QAT: https://qat.redports.org/buildarchive/r356789/
Log:
1.4.0 was unfetchable and the website advises everyone to
"upgrade real soon now." So, update the port to 1.4.2.
Also, STAGE support, options helpers, @sample, etc.
Modified:
head/security/rkhunter/Makefile
head/security/rkhunter/distinfo
head/security/rkhunter/files/patch-files__rkhunter.conf
head/security/rkhunter/pkg-plist
Modified: head/security/rkhunter/Makefile
==============================================================================
--- head/security/rkhunter/Makefile Fri Jun 6 14:12:32 2014 (r356788)
+++ head/security/rkhunter/Makefile Fri Jun 6 14:24:49 2014 (r356789)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= rkhunter
-PORTVERSION= 1.4.0
-PORTREVISION= 1
+PORTVERSION= 1.4.2
CATEGORIES= security
MASTER_SITES= SF
@@ -22,50 +21,29 @@ USES= perl5
NO_BUILD= yes
SUB_FILES= 415.${PORTNAME}
-MAN8= ${PORTNAME}.8
-MANCOMPRESSED= no
-
PORTDOCS= ACKNOWLEDGMENTS CHANGELOG FAQ LICENSE README
-NO_STAGE= yes
-.include <bsd.port.pre.mk>
-
-.if ${PORT_OPTIONS:MLSOF}
-RUN_DEPENDS+= lsof:${PORTSDIR}/sysutils/lsof
-.endif
-
-.if ${PORT_OPTIONS:MNMAP}
-RUN_DEPENDS+= nmap:${PORTSDIR}/security/nmap
-.endif
+LSOF_RUN_DEPENDS= lsof:${PORTSDIR}/sysutils/lsof
+NMAP_RUN_DEPENDS= nmap:${PORTSDIR}/security/nmap
post-patch:
@${REINPLACE_CMD} -e 's|{SHAREDIR}/man/man8|{PREFIX}/man/man8|g' \
${WRKSRC}/installer.sh
do-install:
- cd ${WRKSRC} && ./installer.sh --layout custom ${PREFIX} --install
+ cd ${WRKSRC} && ./installer.sh --layout custom ${STAGEDIR}${PREFIX} --install
${INSTALL_MAN} ${WRKSRC}/files/${PORTNAME}.8 \
- ${MAN8PREFIX}/man/man8
- @${MKDIR} ${PREFIX}/etc/periodic/security
- ${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${PREFIX}/etc/periodic/security
-.if ${PORT_OPTIONS:MDOCS}
- @${MKDIR} ${DOCSDIR}
- ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${DOCSDIR}
-.endif
+ ${STAGEDIR}${MAN8PREFIX}/man/man8
+ @${MKDIR} ${STAGEDIR}${PREFIX}/etc/periodic/security
+ ${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${STAGEDIR}${PREFIX}/etc/periodic/security
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${STAGEDIR}${DOCSDIR}
post-install:
- ${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${PREFIX}/etc/${PORTNAME}.conf.sample
- @if [ ! -f ${PREFIX}/etc/${PORTNAME}.conf ]; then \
- ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${PREFIX}/etc; \
- fi
- ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample
- ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample
- @if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat ]; then \
- ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat; \
- fi
- @if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat ]; then \
- ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat; \
- fi
- @${CAT} ${PKGMESSAGE}
+ ${REINPLACE_CMD} -i '' -e 's,${STAGEDIR},,' \
+ ${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf
+ ${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
+ ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample
+ ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
Modified: head/security/rkhunter/distinfo
==============================================================================
--- head/security/rkhunter/distinfo Fri Jun 6 14:12:32 2014 (r356788)
+++ head/security/rkhunter/distinfo Fri Jun 6 14:24:49 2014 (r356789)
@@ -1,2 +1,2 @@
-SHA256 (rkhunter-1.4.0.tar.gz) = a891c0b900417f2980f0e9afcdb10d1fd5581703be2587a92c90c7631b8814dc
-SIZE (rkhunter-1.4.0.tar.gz) = 244552
+SHA256 (rkhunter-1.4.2.tar.gz) = 789cc84a21faf669da81e648eead2e62654cfbe0b2d927119d8b1e55b22b65c3
+SIZE (rkhunter-1.4.2.tar.gz) = 277707
Modified: head/security/rkhunter/files/patch-files__rkhunter.conf
==============================================================================
--- head/security/rkhunter/files/patch-files__rkhunter.conf Fri Jun 6 14:12:32 2014 (r356788)
+++ head/security/rkhunter/files/patch-files__rkhunter.conf Fri Jun 6 14:24:49 2014 (r356789)
@@ -1,33 +1,32 @@
---- ./files/rkhunter.conf.orig 2011-12-17 22:36:02.000000000 +0100
-+++ ./files/rkhunter.conf 2012-07-03 23:57:15.000000000 +0200
-@@ -468,6 +468,10 @@
+--- files/rkhunter.conf.orig 2014-06-06 09:59:35.000000000 -0400
++++ files/rkhunter.conf 2014-06-06 10:01:32.000000000 -0400
+@@ -575,6 +575,10 @@
+ # The default value is the null string.
#
- #SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
- #SCRIPTWHITELIST="/usr/bin/groups"
+ #SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/sbin/adduser
+SCRIPTWHITELIST=/usr/local/bin/GET
+SCRIPTWHITELIST=/usr/local/sbin/pkgdb
#
- # Allow the specified commands to have the immutable attribute set.
-@@ -477,6 +481,10 @@
- # characters.
+ # Allow the specified file to have the immutable attribute set.
+@@ -584,6 +588,10 @@
+ # The default value is the null string.
#
- #IMMUTWHITELIST="/sbin/ifup /sbin/ifdown"
+ #IMMUTWHITELIST=/sbin/ifdown
+IMMUTWHITELIST=/usr/bin/login
+IMMUTWHITELIST=/usr/bin/passwd
+IMMUTWHITELIST=/usr/bin/su
+IMMUTWHITELIST=/sbin/init
#
- # If this option is set to 1, then the immutable-bit test is
-@@ -668,7 +676,7 @@
- # NOTE: For *BSD systems you will probably need to use this option
- # for the 'toor' account.
+ # If this option is set to '1', then the immutable-bit test is reversed. That
+@@ -787,6 +795,7 @@
+ # The default value is the null string.
#
--#UID0_ACCOUNTS="toor rooty"
-+UID0_ACCOUNTS="toor"
+ #UID0_ACCOUNTS=toor rooty
++UID0_ACCOUNTS=toor
#
- # Allow the following accounts to have no password. NIS/YP entries do
+ # This option allows the specified accounts to have no password. NIS/YP entries
Modified: head/security/rkhunter/pkg-plist
==============================================================================
--- head/security/rkhunter/pkg-plist Fri Jun 6 14:12:32 2014 (r356788)
+++ head/security/rkhunter/pkg-plist Fri Jun 6 14:24:49 2014 (r356789)
@@ -1,34 +1,47 @@
bin/rkhunter
etc/periodic/security/415.rkhunter
-etc/rkhunter.conf
+ at sample etc/rkhunter.conf.sample
lib/rkhunter/scripts/check_modules.pl
lib/rkhunter/scripts/filehashsha.pl
lib/rkhunter/scripts/readlink.sh
lib/rkhunter/scripts/stat.pl
+man/man8/rkhunter.8.gz
var/lib/rkhunter/db/backdoorports.dat
var/lib/rkhunter/db/i18n/cn
var/lib/rkhunter/db/i18n/de
var/lib/rkhunter/db/i18n/en
+var/lib/rkhunter/db/i18n/tr
+var/lib/rkhunter/db/i18n/tr.utf8
var/lib/rkhunter/db/i18n/zh
var/lib/rkhunter/db/i18n/zh.utf8
-var/lib/rkhunter/db/mirrors.dat
-var/lib/rkhunter/db/programs_bad.dat
+ at sample var/lib/rkhunter/db/mirrors.dat.sample
+ at sample var/lib/rkhunter/db/programs_bad.dat.sample
+var/lib/rkhunter/db/signatures/RKH_Glubteba.ldb
+var/lib/rkhunter/db/signatures/RKH_dso.ldb
+var/lib/rkhunter/db/signatures/RKH_jynx.ldb
+var/lib/rkhunter/db/signatures/RKH_kbeast.ldb
+var/lib/rkhunter/db/signatures/RKH_libkeyutils.ldb
+var/lib/rkhunter/db/signatures/RKH_libkeyutils1.ldb
+var/lib/rkhunter/db/signatures/RKH_libncom.ldb
+var/lib/rkhunter/db/signatures/RKH_pamunixtrojan.ldb
+var/lib/rkhunter/db/signatures/RKH_shv.ldb
+var/lib/rkhunter/db/signatures/RKH_sniffer.ldb
+var/lib/rkhunter/db/signatures/RKH_sshd.ldb
+var/lib/rkhunter/db/signatures/RKH_turtle.ldb
+var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb
var/lib/rkhunter/db/suspscan.dat
@unexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true
@unexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true
- at unexec if cmp -s %D/etc/rkhunter.conf.sample %D/etc/rkhunter.conf; then rm -f %D/etc/rkhunter.conf; fi
-etc/rkhunter.conf.sample
- at exec if [ ! -f %D/etc/rkhunter.conf ] ; then cp -p %D/%F %B/rkhunter.conf; fi
var/lib/rkhunter/tmp/group
var/lib/rkhunter/tmp/passwd
@dirrmtry etc/periodic/security
@dirrmtry etc/periodic
- at dirrmtry share/doc/rkhunter
@dirrm var/lib/rkhunter/tmp
+ at dirrm var/lib/rkhunter/db/signatures
@dirrm var/lib/rkhunter/db/i18n
@dirrm var/lib/rkhunter/db
@dirrm var/lib/rkhunter
- at dirrm var/lib
- at dirrm var
+ at dirrmtry var/lib
+ at dirrmtry var
@dirrm lib/rkhunter/scripts
@dirrm lib/rkhunter
More information about the svn-ports-all
mailing list