From owner-svn-ports-head@freebsd.org Wed Jun 14 00:14:23 2017 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 69262C0A212; Wed, 14 Jun 2017 00:14:23 +0000 (UTC) (envelope-from ultima@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4040A71C0D; Wed, 14 Jun 2017 00:14:23 +0000 (UTC) (envelope-from ultima@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v5E0EM8r067183; Wed, 14 Jun 2017 00:14:22 GMT (envelope-from ultima@FreeBSD.org) Received: (from ultima@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v5E0EMTc067178; Wed, 14 Jun 2017 00:14:22 GMT (envelope-from ultima@FreeBSD.org) Message-Id: <201706140014.v5E0EMTc067178@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ultima set sender to ultima@FreeBSD.org using -f From: Richard Gallamore Date: Wed, 14 Jun 2017 00:14:22 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r443547 - in head/security/rkhunter: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jun 2017 00:14:23 -0000 Author: ultima Date: Wed Jun 14 00:14:21 2017 New Revision: 443547 URL: https://svnweb.freebsd.org/changeset/ports/443547 Log: * Add fetch function to rkhunter * Remove wget as a dependency * Added NO_ARCH * Fixed portlint items PR: 219825 Submitted by: Helge Oldach Reviewed by: matthew (mentor) Approved by: Lukasz Wasikowski (maintainer), matthew (mentor) Differential Revision: https://reviews.freebsd.org/D11168 Added: head/security/rkhunter/files/patch-files_rkhunter (contents, props changed) head/security/rkhunter/files/patch-files_rkhunter.conf (contents, props changed) Deleted: head/security/rkhunter/files/patch-files__rkhunter.conf Modified: head/security/rkhunter/Makefile head/security/rkhunter/files/patch-installer.sh head/security/rkhunter/pkg-plist Modified: head/security/rkhunter/Makefile ============================================================================== --- head/security/rkhunter/Makefile Tue Jun 13 22:49:20 2017 (r443546) +++ head/security/rkhunter/Makefile Wed Jun 14 00:14:21 2017 (r443547) @@ -3,7 +3,7 @@ PORTNAME= rkhunter PORTVERSION= 1.4.2 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= SF @@ -15,12 +15,12 @@ LICENSE= GPLv2 OPTIONS_DEFINE= LSOF NMAP DOCS OPTIONS_DEFAULT=LSOF -RUN_DEPENDS+= p5-Digest-SHA1>=0:security/p5-Digest-SHA1 \ - ${LOCALBASE}/bin/wget:ftp/wget +RUN_DEPENDS+= p5-Digest-SHA1>=0:security/p5-Digest-SHA1 USES= perl5 shebangfix SHEBANG_FILES= files/check_modules.pl files/filehashsha.pl \ files/stat.pl +NO_ARCH= yes NO_BUILD= yes SUB_FILES= 415.${PORTNAME} Added: head/security/rkhunter/files/patch-files_rkhunter ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/rkhunter/files/patch-files_rkhunter Wed Jun 14 00:14:21 2017 (r443547) @@ -0,0 +1,21 @@ +--- files/rkhunter.orig 2014-03-12 20:54:55 UTC ++++ files/rkhunter +@@ -7275,6 +7275,9 @@ download_file() { + rm -f "${OUTPUT_FILE}" >/dev/null 2>&1 + + case "${RKHWEBCMD_BASE}" in ++ fetch) ++ CMD="${RKHWEBCMD} ${RKHWEBCMD_OPTS} -q -o \"${OUTPUT_FILE}\" ${MIRROR}${URL} 2>/dev/null" ++ ;; + wget) + CMD="${RKHWEBCMD} ${RKHWEBCMD_OPTS} -q -O \"${OUTPUT_FILE}\" ${MIRROR}${URL} 2>/dev/null" + ;; +@@ -18557,7 +18560,7 @@ REQCMDS="awk cat chmod chown cp cut date egrep grep he + # List of commands used to download files from the web. This list is + # used by the '--update' and '--versioncheck' options. Preferred commands + # are listed first. This can be overridden by the config file. +-WEBCMDLIST="wget curl elinks links lynx bget GET" ++WEBCMDLIST="fetch wget curl elinks links lynx bget GET" + + RKHWEBCMD="" + RKHWEBCMD_OPTS="" Added: head/security/rkhunter/files/patch-files_rkhunter.conf ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/rkhunter/files/patch-files_rkhunter.conf Wed Jun 14 00:14:21 2017 (r443547) @@ -0,0 +1,82 @@ +--- files/rkhunter.conf.orig 2014-01-25 21:29:51 UTC ++++ files/rkhunter.conf +@@ -154,7 +154,7 @@ + # subsequently commented out or removed, then the program will assume a + # default directory beneath the installation directory. + # +-#TMPDIR=/var/lib/rkhunter/tmp ++TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp + + # + # This option specifies the database directory to use. +@@ -163,7 +163,7 @@ + # subsequently commented out or removed, then the program will assume a + # default directory beneath the installation directory. + # +-#DBDIR=/var/lib/rkhunter/db ++DBDIR=RKHPREFIX/var/lib/rkhunter/db + + # + # This option specifies the script directory to use. +@@ -171,7 +171,7 @@ + # The installer program will set the default directory. If this default is + # subsequently commented out or removed, then the program will not run. + # +-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts ++SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts + + # + # This option can be used to modify the command directory list used by rkhunter +@@ -303,7 +303,7 @@ AUTO_X_DETECT=1 + # + # The default value is 'no'. + # +-#ALLOW_SSH_ROOT_USER=no ++ALLOW_SSH_ROOT_USER=unset + + # + # Set this option to '1' to allow the use of the SSH-1 protocol, but note +@@ -317,7 +317,7 @@ AUTO_X_DETECT=1 + # + # The default value is '0'. + # +-#ALLOW_SSH_PROT_V1=0 ++ALLOW_SSH_PROT_V1=2 + + # + # This setting tells rkhunter the directory containing the SSH configuration +@@ -575,6 +575,8 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet + # The default value is the null string. + # + #SCRIPTWHITELIST=/usr/bin/groups ++SCRIPTWHITELIST=/usr/bin/whatis ++SCRIPTWHITELIST=/usr/sbin/adduser + + # + # Allow the specified file to have the immutable attribute set. +@@ -584,6 +586,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet + # The default value is the null string. + # + #IMMUTWHITELIST=/sbin/ifdown ++IMMUTWHITELIST=/usr/bin/login ++IMMUTWHITELIST=/usr/bin/passwd ++IMMUTWHITELIST=/usr/bin/su ++IMMUTWHITELIST=/sbin/init + + # + # If this option is set to '1', then the immutable-bit test is reversed. That +@@ -787,6 +793,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet + # The default value is the null string. + # + #UID0_ACCOUNTS=toor rooty ++UID0_ACCOUNTS=toor + + # + # This option allows the specified accounts to have no password. NIS/YP entries +@@ -1222,3 +1229,6 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet + # + #EMPTY_LOGFILES="" + #MISSING_LOGFILES="" ++ ++INSTALLDIR=RKHPREFIX ++USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf Modified: head/security/rkhunter/files/patch-installer.sh ============================================================================== --- head/security/rkhunter/files/patch-installer.sh Tue Jun 13 22:49:20 2017 (r443546) +++ head/security/rkhunter/files/patch-installer.sh Wed Jun 14 00:14:21 2017 (r443547) @@ -1,6 +1,6 @@ ---- ./installer.sh.orig 2012-04-27 00:10:12.000000000 +0200 -+++ ./installer.sh 2012-07-03 23:56:30.000000000 +0200 -@@ -392,7 +392,7 @@ +--- installer.sh.orig 2014-02-24 02:37:15 UTC ++++ installer.sh +@@ -392,7 +392,7 @@ selectTemplate() { # Take input from the "--install pa RKHINST_ETC_DIR="${SYSCONFIGDIR}" RKHINST_BIN_DIR="${BINDIR}" RKHINST_SCRIPT_DIR="${LIBDIR}/${APPNAME}/scripts" @@ -9,7 +9,7 @@ if [ "${RKHINST_LAYOUT}" = "oldschool" ]; then RKHINST_DB_DIR="${VARDIR}/${APPNAME}/db" -@@ -406,12 +406,12 @@ +@@ -406,12 +406,12 @@ selectTemplate() { # Take input from the "--install pa elif [ "${RKHINST_LAYOUT}" = "TXZ" ]; then RKHINST_DB_DIR="${VARDIR}/lib/${APPNAME}/db" RKHINST_TMP_DIR="${VARDIR}/lib/${APPNAME}/tmp" @@ -24,11 +24,12 @@ fi RKHINST_LANG_DIR="${RKHINST_DB_DIR}/i18n" -@@ -1076,22 +1076,6 @@ +@@ -1099,22 +1099,6 @@ doRemove() { + fi fi done - - +- - # Application - for FILE in ${RKHINST_BIN_FILES}; do - if [ -f "${RKHINST_BIN_DIR}/${FILE}" ]; then @@ -43,7 +44,6 @@ - fi - done - -- + # Configuration file for FILE in ${RKHINST_ETC_FILE}; do - if [ -f "${RKHINST_ETC_DIR}/${FILE}" ]; then Modified: head/security/rkhunter/pkg-plist ============================================================================== --- head/security/rkhunter/pkg-plist Tue Jun 13 22:49:20 2017 (r443546) +++ head/security/rkhunter/pkg-plist Wed Jun 14 00:14:21 2017 (r443547) @@ -30,8 +30,8 @@ var/lib/rkhunter/db/signatures/RKH_sshd.ldb var/lib/rkhunter/db/signatures/RKH_turtle.ldb var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb var/lib/rkhunter/db/suspscan.dat -@unexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true -@unexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true +@postunexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true +@postunexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true var/lib/rkhunter/tmp/group var/lib/rkhunter/tmp/passwd @dir(,,0750) lib/rkhunter/scripts