rpms/rkhunter/devel 01-rkhunter,1.2,1.3 rkhunter.spec,1.13,1.14
Kevin Fenzi (kevin)
fedora-extras-commits at redhat.com
Thu Mar 27 04:03:18 UTC 2008
- Previous message (by thread): rpms/kdebase3/devel kdebase-3.5.9-userdiskmount.patch, 1.1, 1.2 kdebase3.spec, 1.48, 1.49
- Next message (by thread): rpms/kernel/devel patch-2.6.25-rc7-git1.bz2.sign, NONE, 1.1 .cvsignore, 1.790, 1.791 kernel.spec, 1.545, 1.546 sources, 1.749, 1.750 upstream, 1.670, 1.671
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kevin
Update of /cvs/extras/rpms/rkhunter/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11670
Modified Files:
01-rkhunter rkhunter.spec
Log Message:
Move things to more standard locations for selinux - bug #438184
Add exception for pulseaudio file - bug #438622
Index: 01-rkhunter
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/devel/01-rkhunter,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- 01-rkhunter 29 Feb 2008 03:33:37 -0000 1.2
+++ 01-rkhunter 27 Mar 2008 04:02:39 -0000 1.3
@@ -4,7 +4,7 @@
XITVAL=0
# Get a secure tempfile
-TMPFILE1=`/bin/mktemp -p /var/rkhunter/tmp rkhcronlog.XXXXXXXXXX` || exit 1
+TMPFILE1=`/bin/mktemp -p /var/run/rkhunter rkhcronlog.XXXXXXXXXX` || exit 1
if [ ! -e /var/lock/subsys/rkhunter ]; then
@@ -20,23 +20,14 @@
# If a diagnostic mode scan was requested, setup the parameters
if [ "$DIAG_SCAN" == "yes" ]; then
- RKHUNTER_FLAGS="
- --checkall
- --run-application-check
- --skip-keypress
- --nocolors
- --quiet
- --append-log $TMPFILE1
- "
+ RKHUNTER_FLAGS="--checkall --skip-keypress --nocolors --quiet --appendlog --display-logfile"
else
- RKHUNTER_FLAGS="
- --cronjob
- "
+ RKHUNTER_FLAGS="--cronjob --report-warnings-only"
fi
# Set a few critical parameters
RKHUNTER=/usr/bin/rkhunter
- LOGFILE=/var/log/rkhunter.log
+ LOGFILE=/var/log/rkhunter/rkhunter.log
# Run RootKit Hunter if available
if [ -x $RKHUNTER ]; then
Index: rkhunter.spec
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/devel/rkhunter.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- rkhunter.spec 29 Feb 2008 03:33:37 -0000 1.13
+++ rkhunter.spec 27 Mar 2008 04:02:39 -0000 1.14
@@ -1,6 +1,6 @@
Name: rkhunter
Version: 1.3.2
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
@@ -28,8 +28,8 @@
%{__perl} -pi.0001 -e '
s|^#(MAIL-ON-WARNING=).+$|$1root\@localhost|;
- s|^#(TMPDIR=).+$|$1%{_var}/%{name}/tmp|;
- s|^#(DBDIR=).+$|$1%{_var}/%{name}/db|;
+ s|^#(TMPDIR=).+$|$1%{_var}/run/%{name}|;
+ s|^#(DBDIR=).+$|$1%{_var}/lib/%{name}/db|;
s|^#(SCRIPTDIR=).+$|$1%{_datadir}/%{name}/scripts|;
s|^#(PKGMGR=).+$|$1RPM|;
%if 0%{?el4}%{?el5}
@@ -40,6 +40,7 @@
s|^#(ALLOWHIDDENDIR=).+$|$1/dev/.udev|;
s|^#(ALLOWHIDDENFILE=).+$|$1/usr/share/man/man1/..1.gz|;
s|^(APPEND_LOG=).+$|$11|;
+ s|^(LOGFILE=).+$|$1/var/log/rkhunter/rkhunter.log|;
s|^(ALLOW_SSH_ROOT_USER=).+$|$1yes|;
s|^(DISABLE_TESTS=).+$|$1"additional_rkts suspscan hidden_procs deleted_files packet_cap_apps"|;
' files/%{name}.conf
@@ -55,12 +56,13 @@
# in f8/f9
%if 0%{?fc8}%{?fc9}
echo "SYSLOG_CONFIG_FILE=/etc/rsyslog.conf" >> files/%name.conf
+echo "ALLOWDEVFILE=/dev/shm/pulse-shm-*" >> files/%name.conf
%else
echo "SYSLOG_CONFIG_FILE=/etc/syslog.conf" >> files/%name.conf
%endif
%{__cat} <<'EOF' >%{name}.logrotate
-%{_localstatedir}/log/%{name}.log {
+%{_localstatedir}/log/%{name}/%{name}.log {
weekly
notifempty
create 640 root root
@@ -78,20 +80,22 @@
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_mandir}/man8
-%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/%{name}/{db,tmp}
-%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/%{name}/db/i18n
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/run/%{name}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/log/%{name}
+%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n
%{__install} -m755 -p files/%{name} ${RPM_BUILD_ROOT}%{_bindir}/
-%{__install} -m644 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/defaulthashes.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/md5blacklist.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/os.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/programs_good.dat ${RPM_BUILD_ROOT}%{_var}/%{name}/db/
-%{__install} -m644 -p files/i18n/cn ${RPM_BUILD_ROOT}%{_var}/%{name}/db/i18n/
-%{__install} -m644 -p files/i18n/en ${RPM_BUILD_ROOT}%{_var}/%{name}/db/i18n/
+%{__install} -m644 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/defaulthashes.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/md5blacklist.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/os.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/programs_good.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
+%{__install} -m644 -p files/i18n/cn ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
+%{__install} -m644 -p files/i18n/en ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
%{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
%{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
@@ -121,16 +125,21 @@
%{_datadir}/%{name}/scripts
%{_sysconfdir}/cron.daily/01-%{name}
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%dir %{_var}/%{name}
-%{_var}/%{name}/db
-%{_var}/%{name}/db/i18n
-%dir %{_var}/%{name}/tmp
+%dir %{_var}/lib/%{name}
+%{_var}/lib/%{name}/db
+%{_var}/lib/%{name}/db/i18n
+%dir %{_var}/run/%{name}
+%dir %{_var}/log/%{name}
%config(noreplace) %{_sysconfdir}/%{name}.conf
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
%dir %{_docdir}/%{name}-%{version}
%{_mandir}/man8/*
%changelog
+* Wed Mar 26 2008 Kevin Fenzi <kevin at tummy.com> - 1.3.2-2
+- Move things to more standard locations for selinux - bug #438184
+- Add exception for pulseaudio file - bug #438622
+
* Thu Feb 28 2008 Kevin Fenzi <kevin at tummy.com> - 1.3.2-1
- Update to 1.3.2
- Fix cron script
- Previous message (by thread): rpms/kdebase3/devel kdebase-3.5.9-userdiskmount.patch, 1.1, 1.2 kdebase3.spec, 1.48, 1.49
- Next message (by thread): rpms/kernel/devel patch-2.6.25-rc7-git1.bz2.sign, NONE, 1.1 .cvsignore, 1.790, 1.791 kernel.spec, 1.545, 1.546 sources, 1.749, 1.750 upstream, 1.670, 1.671
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list