From owner-svn-ports-all@FreeBSD.ORG Fri Jun 6 14:24:50 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB7BE2A5; Fri, 6 Jun 2014 14:24:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9C0A02681; Fri, 6 Jun 2014 14:24:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s56EOoxe063050; Fri, 6 Jun 2014 14:24:50 GMT (envelope-from adamw@svn.freebsd.org) Received: (from adamw@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s56EOnHS063046; Fri, 6 Jun 2014 14:24:49 GMT (envelope-from adamw@svn.freebsd.org) Message-Id: <201406061424.s56EOnHS063046@svn.freebsd.org> From: Adam Weinberger Date: Fri, 6 Jun 2014 14:24:49 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r356789 - in head/security/rkhunter: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 14:24:50 -0000 Author: adamw Date: Fri Jun 6 14:24:49 2014 New Revision: 356789 URL: http://svnweb.freebsd.org/changeset/ports/356789 QAT: https://qat.redports.org/buildarchive/r356789/ Log: 1.4.0 was unfetchable and the website advises everyone to "upgrade real soon now." So, update the port to 1.4.2. Also, STAGE support, options helpers, @sample, etc. Modified: head/security/rkhunter/Makefile head/security/rkhunter/distinfo head/security/rkhunter/files/patch-files__rkhunter.conf head/security/rkhunter/pkg-plist Modified: head/security/rkhunter/Makefile ============================================================================== --- head/security/rkhunter/Makefile Fri Jun 6 14:12:32 2014 (r356788) +++ head/security/rkhunter/Makefile Fri Jun 6 14:24:49 2014 (r356789) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= rkhunter -PORTVERSION= 1.4.0 -PORTREVISION= 1 +PORTVERSION= 1.4.2 CATEGORIES= security MASTER_SITES= SF @@ -22,50 +21,29 @@ USES= perl5 NO_BUILD= yes SUB_FILES= 415.${PORTNAME} -MAN8= ${PORTNAME}.8 -MANCOMPRESSED= no - PORTDOCS= ACKNOWLEDGMENTS CHANGELOG FAQ LICENSE README -NO_STAGE= yes -.include - -.if ${PORT_OPTIONS:MLSOF} -RUN_DEPENDS+= lsof:${PORTSDIR}/sysutils/lsof -.endif - -.if ${PORT_OPTIONS:MNMAP} -RUN_DEPENDS+= nmap:${PORTSDIR}/security/nmap -.endif +LSOF_RUN_DEPENDS= lsof:${PORTSDIR}/sysutils/lsof +NMAP_RUN_DEPENDS= nmap:${PORTSDIR}/security/nmap post-patch: @${REINPLACE_CMD} -e 's|{SHAREDIR}/man/man8|{PREFIX}/man/man8|g' \ ${WRKSRC}/installer.sh do-install: - cd ${WRKSRC} && ./installer.sh --layout custom ${PREFIX} --install + cd ${WRKSRC} && ./installer.sh --layout custom ${STAGEDIR}${PREFIX} --install ${INSTALL_MAN} ${WRKSRC}/files/${PORTNAME}.8 \ - ${MAN8PREFIX}/man/man8 - @${MKDIR} ${PREFIX}/etc/periodic/security - ${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${PREFIX}/etc/periodic/security -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${DOCSDIR} -.endif + ${STAGEDIR}${MAN8PREFIX}/man/man8 + @${MKDIR} ${STAGEDIR}${PREFIX}/etc/periodic/security + ${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${STAGEDIR}${PREFIX}/etc/periodic/security + @${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${STAGEDIR}${DOCSDIR} post-install: - ${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${PREFIX}/etc/${PORTNAME}.conf.sample - @if [ ! -f ${PREFIX}/etc/${PORTNAME}.conf ]; then \ - ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${PREFIX}/etc; \ - fi - ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample - ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample - @if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat ]; then \ - ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat; \ - fi - @if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat ]; then \ - ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat; \ - fi - @${CAT} ${PKGMESSAGE} + ${REINPLACE_CMD} -i '' -e 's,${STAGEDIR},,' \ + ${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf + ${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample + ${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample + ${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample -.include +.include Modified: head/security/rkhunter/distinfo ============================================================================== --- head/security/rkhunter/distinfo Fri Jun 6 14:12:32 2014 (r356788) +++ head/security/rkhunter/distinfo Fri Jun 6 14:24:49 2014 (r356789) @@ -1,2 +1,2 @@ -SHA256 (rkhunter-1.4.0.tar.gz) = a891c0b900417f2980f0e9afcdb10d1fd5581703be2587a92c90c7631b8814dc -SIZE (rkhunter-1.4.0.tar.gz) = 244552 +SHA256 (rkhunter-1.4.2.tar.gz) = 789cc84a21faf669da81e648eead2e62654cfbe0b2d927119d8b1e55b22b65c3 +SIZE (rkhunter-1.4.2.tar.gz) = 277707 Modified: head/security/rkhunter/files/patch-files__rkhunter.conf ============================================================================== --- head/security/rkhunter/files/patch-files__rkhunter.conf Fri Jun 6 14:12:32 2014 (r356788) +++ head/security/rkhunter/files/patch-files__rkhunter.conf Fri Jun 6 14:24:49 2014 (r356789) @@ -1,33 +1,32 @@ ---- ./files/rkhunter.conf.orig 2011-12-17 22:36:02.000000000 +0100 -+++ ./files/rkhunter.conf 2012-07-03 23:57:15.000000000 +0200 -@@ -468,6 +468,10 @@ +--- files/rkhunter.conf.orig 2014-06-06 09:59:35.000000000 -0400 ++++ files/rkhunter.conf 2014-06-06 10:01:32.000000000 -0400 +@@ -575,6 +575,10 @@ + # The default value is the null string. # - #SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown" - #SCRIPTWHITELIST="/usr/bin/groups" + #SCRIPTWHITELIST=/usr/bin/groups +SCRIPTWHITELIST=/usr/bin/whatis +SCRIPTWHITELIST=/usr/sbin/adduser +SCRIPTWHITELIST=/usr/local/bin/GET +SCRIPTWHITELIST=/usr/local/sbin/pkgdb # - # Allow the specified commands to have the immutable attribute set. -@@ -477,6 +481,10 @@ - # characters. + # Allow the specified file to have the immutable attribute set. +@@ -584,6 +588,10 @@ + # The default value is the null string. # - #IMMUTWHITELIST="/sbin/ifup /sbin/ifdown" + #IMMUTWHITELIST=/sbin/ifdown +IMMUTWHITELIST=/usr/bin/login +IMMUTWHITELIST=/usr/bin/passwd +IMMUTWHITELIST=/usr/bin/su +IMMUTWHITELIST=/sbin/init # - # If this option is set to 1, then the immutable-bit test is -@@ -668,7 +676,7 @@ - # NOTE: For *BSD systems you will probably need to use this option - # for the 'toor' account. + # If this option is set to '1', then the immutable-bit test is reversed. That +@@ -787,6 +795,7 @@ + # The default value is the null string. # --#UID0_ACCOUNTS="toor rooty" -+UID0_ACCOUNTS="toor" + #UID0_ACCOUNTS=toor rooty ++UID0_ACCOUNTS=toor # - # Allow the following accounts to have no password. NIS/YP entries do + # This option allows the specified accounts to have no password. NIS/YP entries Modified: head/security/rkhunter/pkg-plist ============================================================================== --- head/security/rkhunter/pkg-plist Fri Jun 6 14:12:32 2014 (r356788) +++ head/security/rkhunter/pkg-plist Fri Jun 6 14:24:49 2014 (r356789) @@ -1,34 +1,47 @@ bin/rkhunter etc/periodic/security/415.rkhunter -etc/rkhunter.conf +@sample etc/rkhunter.conf.sample lib/rkhunter/scripts/check_modules.pl lib/rkhunter/scripts/filehashsha.pl lib/rkhunter/scripts/readlink.sh lib/rkhunter/scripts/stat.pl +man/man8/rkhunter.8.gz var/lib/rkhunter/db/backdoorports.dat var/lib/rkhunter/db/i18n/cn var/lib/rkhunter/db/i18n/de var/lib/rkhunter/db/i18n/en +var/lib/rkhunter/db/i18n/tr +var/lib/rkhunter/db/i18n/tr.utf8 var/lib/rkhunter/db/i18n/zh var/lib/rkhunter/db/i18n/zh.utf8 -var/lib/rkhunter/db/mirrors.dat -var/lib/rkhunter/db/programs_bad.dat +@sample var/lib/rkhunter/db/mirrors.dat.sample +@sample var/lib/rkhunter/db/programs_bad.dat.sample +var/lib/rkhunter/db/signatures/RKH_Glubteba.ldb +var/lib/rkhunter/db/signatures/RKH_dso.ldb +var/lib/rkhunter/db/signatures/RKH_jynx.ldb +var/lib/rkhunter/db/signatures/RKH_kbeast.ldb +var/lib/rkhunter/db/signatures/RKH_libkeyutils.ldb +var/lib/rkhunter/db/signatures/RKH_libkeyutils1.ldb +var/lib/rkhunter/db/signatures/RKH_libncom.ldb +var/lib/rkhunter/db/signatures/RKH_pamunixtrojan.ldb +var/lib/rkhunter/db/signatures/RKH_shv.ldb +var/lib/rkhunter/db/signatures/RKH_sniffer.ldb +var/lib/rkhunter/db/signatures/RKH_sshd.ldb +var/lib/rkhunter/db/signatures/RKH_turtle.ldb +var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb var/lib/rkhunter/db/suspscan.dat @unexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true @unexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true -@unexec if cmp -s %D/etc/rkhunter.conf.sample %D/etc/rkhunter.conf; then rm -f %D/etc/rkhunter.conf; fi -etc/rkhunter.conf.sample -@exec if [ ! -f %D/etc/rkhunter.conf ] ; then cp -p %D/%F %B/rkhunter.conf; fi var/lib/rkhunter/tmp/group var/lib/rkhunter/tmp/passwd @dirrmtry etc/periodic/security @dirrmtry etc/periodic -@dirrmtry share/doc/rkhunter @dirrm var/lib/rkhunter/tmp +@dirrm var/lib/rkhunter/db/signatures @dirrm var/lib/rkhunter/db/i18n @dirrm var/lib/rkhunter/db @dirrm var/lib/rkhunter -@dirrm var/lib -@dirrm var +@dirrmtry var/lib +@dirrmtry var @dirrm lib/rkhunter/scripts @dirrm lib/rkhunter