Date: Thu, 12 Aug 2004 12:40:51 +0200 (CEST) From: bugghy <bugghy@phenix.rootshell.be> To: FreeBSD-gnats-submit@FreeBSD.org Cc: bugghy@SAFe-mail.net Subject: ports/70359: [maintainer update] Update port: security/rkhunter Rootkit detection tool Message-ID: <Pine.LNX.4.44.0408121236550.30922-100000@phenix.rootshell.be> Resent-Message-ID: <200408121050.i7CAoTxJ092761@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 70359 >Category: ports >Synopsis: [maintainer update] Update port: security/rkhunter Rootkit detection tool >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Aug 12 10:50:29 GMT 2004 >Closed-Date: >Last-Modified: >Originator: bugghy <bugghy@rootshell.be> >Release: FreeBSD 5.2.1-RELEASE-p9 i386 >Organization: >Environment: System: FreeBSD illusion.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 >Description: Rootkit Hunter is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: - MD5/SHA1 hash compare - Look for default files used by rootkits - Wrong file permissions for binaries - Look for suspected strings in LKM and KLD modules - Look for hidden files - Optional scan within plaintext and binary files >How-To-Repeat: >Fix: diff -ruN rkhunter-old/Makefile rkhunter/Makefile --- rkhunter-old/Makefile Thu Aug 12 11:15:22 2004 +++ rkhunter/Makefile Thu Aug 12 11:15:37 2004 @@ -6,7 +6,7 @@ # PORTNAME= rkhunter -PORTVERSION= 1.1.4 +PORTVERSION= 1.1.5 CATEGORIES= security MASTER_SITES= http://downloads.rootkit.nl/ diff -ruN rkhunter-old/distinfo rkhunter/distinfo --- rkhunter-old/distinfo Thu Aug 12 11:15:22 2004 +++ rkhunter/distinfo Thu Aug 12 11:17:03 2004 @@ -1,2 +1,2 @@ -MD5 (rkhunter-1.1.4.tar.gz) = 08938c110c8363c62c82dad0571517d0 -SIZE (rkhunter-1.1.4.tar.gz) = 102147 +MD5 (rkhunter-1.1.5.tar.gz) = 750df8c8ab7855bc81ba10504694a33a +SIZE (rkhunter-1.1.5.tar.gz) = 103822 diff -ruN rkhunter-old/files/lol rkhunter/files/lol --- rkhunter-old/files/lol Thu Jan 1 00:00:00 1970 +++ rkhunter/files/lol Thu Aug 12 11:35:37 2004 @@ -0,0 +1,72 @@ +--- installer.sh.old Thu Aug 12 11:20:01 2004 ++++ installer.sh Thu Aug 12 11:30:36 2004 +@@ -120,15 +120,12 @@ + overwrite:programs_good.dat:/db/programs_good.dat:Database%%Program%%versions + overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes + overwrite:md5blacklist.dat:/db/md5blacklist.dat:Database%%MD5%%blacklisted%%files +-overwrite:CHANGELOG:/docs/CHANGELOG:Changelog +-overwrite:README:/docs/README:Readme%%and%%FAQ +-overwrite:WISHLIST:/docs/WISHLIST:Wishlist%%and%%TODO + " + + # Prefix: INSTALLDIR + INSTALLFILES2=" +-nooverwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file +-overwrite:rkhunter:/usr/local/bin/rkhunter:RK%%Hunter%%binary ++nooverwrite:rkhunter.conf:/etc/rkhunter.conf.sample:RK%%Hunter%%configuration%%file ++overwrite:rkhunter:/bin/rkhunter:RK%%Hunter%%binary + " + + # Create directories (only if they do not exist) +@@ -137,10 +134,7 @@ + ${INSTALLDIR}/etc + ${INSTALLDIR}/bin + ${INSTALLDIR}/lib/rkhunter/db +-${INSTALLDIR}/lib/rkhunter/docs + ${INSTALLDIR}/lib/rkhunter/scripts +-${INSTALLDIR}/lib/rkhunter/tmp +-/usr/local/etc + " + + CHECKDIR="/usr/local" +@@ -347,9 +341,6 @@ + ################################################################################# + + +-# Clean active window +-clear +- + echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})" + echo $ECHOOPT "---------------" + echo "Starting installation/update" +@@ -468,7 +459,7 @@ + echo "Skipped (no overwrite)" + else + #error redirection in .rkhunter it's just for a clear display if user run not as root +- cp -f ${INSTALLPREFIX}${CURFILE} ${NEWFILE} 2> ~/.rkhunter.log ++ cp -f ${INSTALLPREFIX}${CURFILE} "${INSTALLDIR}/${NEWFILE}" 2> ~/.rkhunter.log + if [ $? -eq 0 ] + then + echo $E "OK" +@@ -481,10 +472,10 @@ + + done + +-INSTALLDIRCHECK=`cat /usr/local/etc/rkhunter.conf | grep "INSTALLDIR="` ++INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf.sample | grep "INSTALLDIR="` + if [ "${INSTALLDIRCHECK}" = "" ] + then +- echo "INSTALLDIR=${INSTALLDIR}" >> /usr/local/etc/rkhunter.conf ++ echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf.sample + echo "Configuration updated with installation path (${INSTALLDIR})" + else + echo "Configuration already updated." +@@ -494,7 +485,7 @@ + then + echo "" + echo $E "$t17" +- echo "$t18 (/usr/local/bin/rkhunter)" ++ echo "$t18 (${INSTALLDIR}/bin/rkhunter)" + else + echo "" + echo $E "$t19" diff -ruN rkhunter-old/files/patch-installer.sh rkhunter/files/patch-installer.sh --- rkhunter-old/files/patch-installer.sh Thu Aug 12 11:15:22 2004 +++ rkhunter/files/patch-installer.sh Thu Aug 12 11:50:19 2004 @@ -1,5 +1,5 @@ ---- installer.sh.old Sun Aug 8 00:16:28 2004 -+++ installer.sh Sun Aug 8 00:21:52 2004 +--- installer.sh.old Thu Aug 12 11:20:01 2004 ++++ installer.sh Thu Aug 12 11:30:36 2004 @@ -120,15 +120,12 @@ overwrite:programs_good.dat:/db/programs_good.dat:Database%%Program%%versions overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes @@ -11,9 +11,9 @@ # Prefix: INSTALLDIR INSTALLFILES2=" --overwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file +-nooverwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file -overwrite:rkhunter:/usr/local/bin/rkhunter:RK%%Hunter%%binary -+overwrite:rkhunter.conf:/etc/rkhunter.conf.sample:RK%%Hunter%%configuration%%file ++nooverwrite:rkhunter.conf:/etc/rkhunter.conf:RK%%Hunter%%configuration%%file +overwrite:rkhunter:/bin/rkhunter:RK%%Hunter%%binary " @@ -39,29 +39,29 @@ echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})" echo $ECHOOPT "---------------" echo "Starting installation/update" -@@ -470,7 +461,7 @@ - if [ -f ${INSTALLPREFIX}${CURFILE} ] - then +@@ -468,7 +459,7 @@ + echo "Skipped (no overwrite)" + else #error redirection in .rkhunter it's just for a clear display if user run not as root - cp -f ${INSTALLPREFIX}${CURFILE} ${NEWFILE} 2> ~/.rkhunter.log + cp -f ${INSTALLPREFIX}${CURFILE} "${INSTALLDIR}/${NEWFILE}" 2> ~/.rkhunter.log if [ $? -eq 0 ] then echo $E "OK" -@@ -485,10 +476,10 @@ +@@ -481,10 +472,10 @@ done -INSTALLDIRCHECK=`cat /usr/local/etc/rkhunter.conf | grep "INSTALLDIR="` -+INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf.sample | grep "INSTALLDIR="` ++INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf | grep "INSTALLDIR="` if [ "${INSTALLDIRCHECK}" = "" ] then - echo "INSTALLDIR=${INSTALLDIR}" >> /usr/local/etc/rkhunter.conf -+ echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf.sample ++ echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf echo "Configuration updated with installation path (${INSTALLDIR})" else echo "Configuration already updated." -@@ -498,7 +489,7 @@ +@@ -494,7 +485,7 @@ then echo "" echo $E "$t17" diff -ruN rkhunter-old/files/pkg-message.in rkhunter/files/pkg-message.in --- rkhunter-old/files/pkg-message.in Thu Aug 12 11:15:22 2004 +++ rkhunter/files/pkg-message.in Thu Aug 12 11:45:38 2004 @@ -1,7 +1,6 @@ ############################################################################# Installed additional documentation in: PREFIX/share/doc/rkhunter - Copy PREFIX/etc/rkhunter.conf.sample to PREFIX/etc/rkhunter.conf ############################################################################# diff -ruN rkhunter-old/pkg-plist rkhunter/pkg-plist --- rkhunter-old/pkg-plist Thu Aug 12 11:15:22 2004 +++ rkhunter/pkg-plist Thu Aug 12 11:37:44 2004 @@ -1,4 +1,3 @@ -etc/rkhunter.conf.sample bin/rkhunter lib/rkhunter/db/backdoorports.dat lib/rkhunter/db/mirrors.dat >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0408121236550.30922-100000>