
rkhunter: new package, version 1.4.0

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@7499 ec354946-7b23-47d6-9f5a-488ba84defc7
daisuke 11 years ago
commit
ab061cba8b
1 changed files with 385 additions and 0 deletions
  1. 385 0
      r/rkhunter/rkhunter-vl.spec

+ 385 - 0
r/rkhunter/rkhunter-vl.spec

@@ -0,0 +1,385 @@
+Name:           rkhunter
+Version:        1.4.0
+Release:        1%{?_dist_release}
+Summary:        A host-based tool to scan for rootkits, backdoors and local exploits
+
+Group:          Applications/System
+License:        GPLv2+
+URL:            http://rkhunter.sourceforge.net/
+Source0:        http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz
+Source2:        01-rkhunter
+Source3:        rkhunter.sysconfig
+Patch0:         rkhunter-1.4.0-fedoraconfig.patch
+BuildArch:      noarch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
+
+Requires:       coreutils, binutils, findutils, grep
+Requires:       e2fsprogs, procps, lsof, iproute, wget
+Requires:       perl, perl(strict), perl(IO::Socket), mailx, logrotate
+%if "%{_dist_release}" >= "vl7"
+Requires:       kmod
+%else
+Requires:       module-init-tools
+%endif
+
+%description
+Rootkit Hunter (RKH) is an easy-to-use tool which checks
+computers running UNIX (clones) for the presence of rootkits
+and other unwanted tools.
+
+%prep
+
+%setup -q
+
+%patch0 -p1
+
+%{__cat} <<'EOF' >%{name}.logrotate
+%{_localstatedir}/log/%{name}/%{name}.log {
+    weekly
+    notifempty
+    create 640 root root
+}
+EOF
+
+%build
+# Nothing to be built
+
+%install
+%{__rm} -rf $RPM_BUILD_ROOT
+
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_bindir}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_sysconfdir}/{cron.daily,sysconfig,logrotate.d}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_mandir}/man8
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/log/%{name}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n
+
+%{__install} -m755 -p files/%{name}             ${RPM_BUILD_ROOT}%{_bindir}/
+
+%{__install} -m644 -p files/backdoorports.dat   ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/mirrors.dat         ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/programs_bad.dat    ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/i18n/cn             ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
+%{__install} -m644 -p files/i18n/en             ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
+
+%{__install} -m644 -p files/CHANGELOG           ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
+%{__install} -m644 -p files/LICENSE             ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
+%{__install} -m644 -p files/README              ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
+%{__install} -m755 -p files/check_modules.pl    ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/
+%{__install} -m644 -p files/*.8                 ${RPM_BUILD_ROOT}%{_mandir}/man8/
+# Don't ship these unless we want to Require the perl modules
+#%{__install} -m750 -p files/filehashmd5.pl      ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/
+#%{__install} -m750 -p files/filehashsha1.pl     ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/
+%{__install} -m755 -p %{SOURCE2}                ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/%{name}
+%{__install} -m644 -p %{name}.logrotate         ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}
+%{__install} -m640 -p files/%{name}.conf        ${RPM_BUILD_ROOT}%{_sysconfdir}/
+%{__install} -m640 -p %{SOURCE3}                ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name}
+
+%clean
+%{__rm} -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root,-)
+%doc %{_docdir}/%{name}-%{version}/*
+%{_bindir}/%{name}
+%dir %{_datadir}/%{name}
+%{_datadir}/%{name}/scripts
+%{_sysconfdir}/cron.daily/%{name}
+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%dir %{_var}/lib/%{name}
+%{_var}/lib/%{name}/db
+%ghost %{_var}/lib/%{name}/db/mirrors.dat
+%ghost %{_var}/lib/%{name}/db/programs_bad.dat
+%{_var}/lib/%{name}/db/i18n
+%dir %{_var}/log/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}.conf
+%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%dir %{_docdir}/%{name}-%{version}
+%{_mandir}/man8/*
+
+%changelog
+* Thu Feb 28 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.0-1
+- initial build for Vine Linux
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.0-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Sat Oct 06 2012 Kevin Fenzi <kevin@scrye.com> 1.4.0-5
+- Add /dev/md/autorebuild.pid to whitelist. Fixes bug #857315
+
+* Sat Aug 18 2012 Kevin Fenzi <kevin@scrye.com> 1.4.0-4
+- Add /var/log/pki-ca/system to whitelist for FreeIPA. Fixes bug #849251
+
+* Wed Aug 15 2012 Kevin Fenzi <kevin@scrye.com> 1.4.0-3
+- Fix /bin/ad false positive. Fixes bug #831989
+
+* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue May 08 2012 Kevin Fenzi <kevin@scrye.com> - 1.4.0-1
+- Update to 1.4.0
+
+* Sun Apr 15 2012 Kevin Fenzi <kevin@scrye.com> - 1.3.8-15
+- Add workaround for /lib/java false positive. Fixes bug #806972
+
+* Wed Feb  8 2012 Kay Sievers <kay@redhat.com> - 1.3.8-14
+- modutils are for Linux 2.4 and no longer provided; depend on kmod
+
+* Fri Jan 27 2012 Kevin Fenzi <kevin@scrye.com> 1.3.8-13
+- Drop net-tools, no longer needed. Fixes bug #784803
+- Add /dev/shm/spice.* to whitelist. Fixes bug #784882
+
+* Fri Jan 06 2012 Kevin Fenzi <kevin@scrye.com> 1.3.8-12
+- Add /etc/.java to whitelist. Fixes bug #770972
+
+* Fri Nov 25 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-11
+- Add /usr/share/man/man5/.k5identity.5.gz to whitelisted hidden files. 
+
+* Wed Oct 12 2011 Jim Pirzyk <jim+rpm@pirzyk.org> - 1.3.8-10
+- Update %files section so that some .dat files are marked %ghost
+
+* Fri Aug 05 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-9
+- Add patch to fix ALLOWPROCDELFILE config option. fixes bug #727524
+
+* Fri Jul 08 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-8
+- Fix typo
+
+* Fri Jul 08 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-7
+- Add patch to fix out of the box warning on rkhunter script. 
+- Fixes bug #719270
+- Add etckeeper and tomboy files. Fixes bug #719265 and #719259
+
+* Tue Jun 21 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-6
+- Change ssh check back to 2 - bug #596775
+- Drop hard Requires on prelink. It will be used if present - bug #714067
+
+* Thu Apr 21 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-5
+- Add /dev/.mount to ALLOW_HIDDENDIR - bug #697599
+
+* Wed Apr 13 2011 Kevin Fenzi <kevin@scrye.com> - 1.3.8-4
+- Don't send warning emails anymore. They cause selinux issues and are not very helpful.
+- Fixes bug #660544
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Tue Dec 07 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-2
+- Adjust config some - bug #596775
+
+* Fri Nov 26 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-1
+- Update to 1.3.8
+
+* Wed Nov 24 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-9
+- Drop /var/run as it's not used anymore - bug #656684
+
+* Wed Oct 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-8
+- Add patch to make rkhunter use unhide if installed - bug #636396
+
+* Sat Jun 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-7
+- Add ipsec.hmac exclude - bug #560594
+
+* Fri May 28 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-6
+- Add exclude for md-device-map - bug #596731
+- Supress ssh version check - bug #596775
+
+* Sat Mar 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-5
+- Change config to not specify XINETD_PATH - bug #560562
+
+* Sat Jan 23 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-4
+- Change email to just root instead of root@localhost - bug #553179
+- Add .k5login.5.gz to files whitelist - bug #553134
+
+* Tue Jan 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-3
+- Add some more ssh hmac files to whitelist - bug #552621
+- Re-add /dev/.mdadm.map to whitelisted files - bug #539405
+
+* Tue Dec 01 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-2
+- Disable apps check by default - bug #543065
+
+* Sun Nov 29 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-1
+- Update to 1.3.6
+
+* Thu Nov 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-9
+- Add exception for /dev/.mdadm file - bug #539405
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Fri Jul 03 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-7
+- Add exception for software raid udev file - bug #509253
+
+* Sat Jun 06 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-6
+- Add /usr/bin/.fipscheck.hmac to ok files - bug #494096
+
+* Sun Mar 08 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-5
+- Fix typo in patch file
+
+* Wed Mar 04 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-4
+- Rework spec file
+- Add check for the new hmac ssh files 
+
+* Thu Feb 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-3
+- Update cron job to include hostname (thanks  Manuel Wolfshant)
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Jan 02 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-1
+- Update to 1.3.4
+- Use libdir as tmp dir - bug #456340
+
+* Sat Dec 13 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-6
+- Fix cron job sending as attachment - bug #472679
+- Fix cron job trying to send with colors - bug #475916
+
+* Wed Sep 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-5
+- Patch debug tmp file issue - bug #460628
+
+* Mon Jun 16 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-4
+- Fix cron script to only mail on warn/error - bug #450703
+- Fix conditional to account for fc10 rsyslog
+
+* Mon Apr 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-3
+- Change cron to run after prelink - bug #438622
+
+* Wed Mar 26 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-2
+- Move things to more standard locations for selinux - bug #438184
+- Add exception for pulseaudio file - bug #438622
+
+* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-1
+- Update to 1.3.2
+- Fix cron script
+
+* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-2
+- Use /etc/redhat-release for EPEL and /etc/fedora release for Fedora.
+- Add conditionals to support EPEL
+- Fix man page warning. 
+
+* Sun Feb 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-1
+- Revive package, clean up spec
+- Update to 1.3.0
+
+* Sat Mar 18 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-3
+- Made an RPM transparent change to move the sha1 canary check
+  file out of CVS and into the external lookaside cache (whose
+  filename changes with every new package release anyway...)
+
+* Fri Mar 17 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-2
+- Fixed architectural dependency during package creation eliminating
+  use of _libdir configure macro (x86_64 /usr/lib64 mis-targeting)
+
+* Tue Mar 7 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-1
+- New package version release
+- reworked the .spec file to support optional dist tag
+- Updated the application check default patchfile (chunk failure)
+- Changed to SHA1 for optional message digest (canary check)
+- Added a couple of suggested skip entries to rkhunter.conf
+
+* Sat Jun 11 2005 Greg Houlette <tamaster@pobox.com> - 1.2.7-1
+- Added signature auto-updating to CRON scan (new script)
+- Removed BOOTSCAN pending rewrite to full SysV Init scan in background
+- Added the --append-log command line option
+- Added Date Stamping to output
+- Fixed bug in /etc/group missing report
+- New package version release
+
+* Sun Jan 2 2005 Greg Houlette <tamaster@tekarmory.com> - 0:1.1.9-1
+- New package version release
+- Added the --run-application-check command line option
+  to listing in command help
+- Replaced 'Here' Doc editing of rkhunter.conf file
+  with in-place Perl edit
+- tweaked rpmbuild -bb Autoclean
+
+* Fri Oct 15 2004 Greg Houlette - 0:1.1.8-0.fdr.1 (revisited)
+- Removed redundant buildrequires /bin/sh, coreutils and perl
+- Revise postun scriptlet
+- Added /usr/share/doc/rkhunter-1.1.8/ to files list
+
+* Mon Oct 11 2004 Greg Houlette - 0:1.1.8-0.fdr.1
+- Changed Release Tag to 0.fdr.1 (testing) for QA
+- Removed wget from dependencies
+- Hid (temporarily) the --skip-application-check command
+  line option from being listed in help
+- Fixed the spec files list, again!
+
+* Fri Oct 8 2004 Greg Houlette - 0:1.1.8-0.fdr.0.2.beta2
+- Unified and disabled the md5 canary check in prep
+  (check is now optional) removing the sha1 cross-check
+- Fixed the spec files list, adding the /var/rkhunter
+  directory and the /usr/bin/rkhunter executable
+- Fixed missing dependencies (rkh uses runtime checks)
+- Disabled "auto-clean" for rpmbuild -bb
+- Changed Application version scan default to
+  disabled awaiting backport fix in upstream sources
+- Fixed shared_man_search.patch, configuration files
+  verify and added postun(install) cleanup
+
+* Fri Oct 1 2004 Greg Houlette - 0:1.1.8-0.fdr.0.1.beta1
+- More cosmetic patchwork
+- Changed Release Tag to beta1 (pre-release) for QA submit
+
+* Tue Sep 28 2004 Greg Houlette - 0:1.1.8-0.fdr.1
+- Removed hidden_search.patch (1.1.7) after it was
+  merged into upstream source by Michael Boelen
+- Removed .spec file from md5 and sha1 file checks
+  (it must be modifiable by Fedora QA release build)
+- Added BOOTSCAN description file to documentation
+- Restructured dynamic file creation ('Here' Docs)
+  moving them to the "prep" stage so that *_ALL_*
+  files are available prior to the "build" stage
+  (for inspection purposes)
+- Added a /etc/sysconfig/rkhunter parameters file
+
+* Sun Aug 29 2004 Greg Houlette - 0:1.1.7-0.fdr.1
+- Cosmetic patchwork
+
+* Sat Aug 21 2004 Greg Houlette - 0:1.1.6-0.fdr.1
+- Moderate reworking of .spec file for packaging standards
+- Added md5 and sha1 file checks to prep procedure for source .rpm
+- Included an optional rc.local replacement for scan on boot (with full logging)
+
+* Tue Aug 10 2004 Michael Boelen - 1.1.5
+- Added update script
+- Extended description
+
+* Sun Aug 08 2004 Greg Houlette - 1.1.5
+- Changed the install procedure eliminating the specification of
+  destination filenames (only needed if you are renaming during install)
+- Changed the permissions for documentation files (root only overkill)
+- Added the installation of the rkhunter Man Page
+- Added the installation of the programs_{bad, good}.dat database files
+- Added the installation of the LICENSE documentation file
+- Added the chmod for root only to the /var/rkhunter/db directory
+
+* Sun May 23 2004 Craig Orsinger (cjo) <cjorsinger@earthlink.net>
+- version 1.1.0-1.cjo
+- changed installation in accordance with new rootkit installation
+  procedure
+- changed installation root to conform to LSB. Use standard macros.
+- added recursive remove of old build root as prep for install phase
+
+* Wed Apr 28 2004 Doncho N. Gunchev - 1.0.9-0.mr700
+- dropped Requires: perl - rkhunter works without it 
+- dropped the bash alignpatch (check the source or contact me)
+- various file mode fixes (.../tmp/, *.db)
+- optimized the %%files section - any new files in the
+  current dirs will be fine - just %%{__install} them.
+
+* Mon Apr 26 2004 Michael Boelen - 1.0.8-0
+- Fixed missing md5blacklist.dat
+
+* Mon Apr 19 2004 Doncho N. Gunchev - 1.0.6-1.mr700
+- added missing /usr/local/rkhunter/db/md5blacklist.dat
+- patched to align results in --cronjob, I think rpm based
+  distros have symlink /bin/sh -> /bin/bash
+- added --with/--without alignpatch for conditional builds
+  (in case previous patch breaks something)
+
+* Sat Apr 03 2004 Michael Boelen / Joe Klemmer - 1.0.6-0
+- Update to 1.0.6
+
+* Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0
+- initial .spec file
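Review bot: Nothing in `%prep` checks the integrity of the upstream tarball: `Source0` is a plain `http://` URL and `%setup -q` unpacks it directly, while the inherited changelog records the old md5/sha1 canary checks in prep being disabled and later moved out of the spec. For a package whose job is to detect tampering on the host, I would pin the source before unpacking, for example `echo "<EXPECTED_SHA256>  %{SOURCE0}" | sha256sum -c -` ahead of `%setup -q` (the digest is a placeholder to be filled from a trusted copy), or verify upstream's detached signature if one is published for this release. The Vine build system may already pin sources outside the spec; if so, a comment beside `Source0` saying where would help the next reviewer. Separately, `%if "%{_dist_release}" >= "vl7"` is a string comparison, so a future `vl10` would sort below `vl7` and select `module-init-tools`, and unlike the `Release:` line it does not use the `%{?_dist_release}` form to cope with the macro being undefined.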