| 1 |
slords |
1.1 |
# We can't let RPM do the dependencies automatic because it'll then pick up |
| 2 |
|
|
# a correct but undesirable perl dependency, which rkhunter does not require |
| 3 |
|
|
# in order to function properly. |
| 4 |
|
|
AutoReqProv: no |
| 5 |
|
|
|
| 6 |
|
|
Summary: Rootkit scans for rootkits, backdoors and local exploits. |
| 7 |
|
|
Name: rkhunter |
| 8 |
|
|
Version: 1.2.9 |
| 9 |
|
|
Release: 3%{?dist} |
| 10 |
|
|
Epoch: 0 |
| 11 |
|
|
License: GPL |
| 12 |
|
|
Group: Applications/System |
| 13 |
|
|
URL: http://rkhunter.sourceforge.net/ |
| 14 |
|
|
Source0: %{name}-%{version}.tar.gz |
| 15 |
|
|
Patch0: rkhunter-sme7.patch |
| 16 |
|
|
BuildArch: noarch |
| 17 |
|
|
Requires: /bin/sh, /bin/ps, /bin/ls, /bin/cat, /bin/egrep, /usr/bin/strings |
| 18 |
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
| 19 |
|
|
|
| 20 |
|
|
%description |
| 21 |
|
|
Rootkit scanner is scanning tool to ensure you for about 99.9%% you're |
| 22 |
|
|
clean of nasty tools. This tool scans for rootkits, backdoors and local |
| 23 |
|
|
exploits by running tests like: |
| 24 |
|
|
- MD5 hash compare |
| 25 |
|
|
- Look for default files used by rootkits |
| 26 |
|
|
- Wrong file permissions for binaries |
| 27 |
|
|
- Look for suspected strings in LKM and KLD modules |
| 28 |
|
|
- Look for hidden files |
| 29 |
|
|
- Optional scan within plaintext and binary files |
| 30 |
|
|
- Software version checks |
| 31 |
|
|
- Application tests |
| 32 |
|
|
|
| 33 |
|
|
Rootkit Hunter is released as a GPL licensed project and free for everyone to use. |
| 34 |
|
|
|
| 35 |
|
|
|
| 36 |
|
|
%prep |
| 37 |
|
|
%setup |
| 38 |
|
|
%patch -p1 |
| 39 |
|
|
|
| 40 |
|
|
%build |
| 41 |
|
|
#%%configure ... |
| 42 |
|
|
# We have nothing to configure... yet... |
| 43 |
|
|
|
| 44 |
|
|
%install |
| 45 |
|
|
# Well... This could be a bit smaller if the install |
| 46 |
|
|
# script was able to handle DSTDIR for example... |
| 47 |
|
|
|
| 48 |
|
|
# (cjo) remove old version of build root, if it exists |
| 49 |
|
|
%{__rm} -rf ${RPM_BUILD_ROOT} |
| 50 |
|
|
|
| 51 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_bindir} |
| 52 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_sysconfdir} |
| 53 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_libdir} |
| 54 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts |
| 55 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version} |
| 56 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_mandir}/man8 |
| 57 |
|
|
%{__mkdir} -p ${RPM_BUILD_ROOT}%{_var}/rkhunter/{db,tmp} |
| 58 |
|
|
%{__chmod} ug+rwx,o-rwx ${RPM_BUILD_ROOT}%{_var}/rkhunter/tmp |
| 59 |
|
|
|
| 60 |
|
|
%{__install} -m750 -p files/rkhunter ${RPM_BUILD_ROOT}%{_bindir}/ |
| 61 |
|
|
|
| 62 |
|
|
%{__install} -m640 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 63 |
|
|
%{__install} -m640 -p files/defaulthashes.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 64 |
|
|
%{__install} -m640 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 65 |
|
|
%{__install} -m640 -p files/os.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 66 |
|
|
%{__install} -m640 -p files/md5blacklist.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 67 |
|
|
%{__install} -m640 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 68 |
|
|
%{__install} -m640 -p files/programs_good.dat ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/ |
| 69 |
|
|
|
| 70 |
|
|
%{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/ |
| 71 |
|
|
%{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/ |
| 72 |
|
|
%{__install} -m644 -p files/README ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/ |
| 73 |
|
|
%{__install} -m644 -p files/WISHLIST ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/ |
| 74 |
|
|
%{__install} -m644 -p files/development/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/ |
| 75 |
|
|
|
| 76 |
|
|
%{__install} -m750 -p files/check_modules.pl ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 77 |
|
|
%{__install} -m750 -p files/check_port.pl ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 78 |
|
|
%{__install} -m750 -p files/filehashmd5.pl ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 79 |
|
|
%{__install} -m750 -p files/filehashsha1.pl ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 80 |
|
|
%{__install} -m750 -p files/showfiles.pl ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 81 |
|
|
%{__install} -m750 -p files/check_update.sh ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/ |
| 82 |
|
|
|
| 83 |
|
|
# (cjo) Put installation root in configuration file, then copy the rest |
| 84 |
|
|
# of the file from the original. |
| 85 |
|
|
cat >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf << EOF |
| 86 |
|
|
## Next three lines installed automatically by RPM. Do not change |
| 87 |
|
|
## unless you know what you're doing... |
| 88 |
|
|
INSTALLDIR=%{_prefix} |
| 89 |
|
|
DBDIR=%{_var}/rkhunter/db |
| 90 |
|
|
TMPDIR=%{_var}/rkhunter/tmp |
| 91 |
|
|
|
| 92 |
|
|
EOF |
| 93 |
|
|
|
| 94 |
|
|
cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf |
| 95 |
|
|
%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf |
| 96 |
|
|
|
| 97 |
|
|
# Only root should use rkhunter (at least for now) |
| 98 |
|
|
%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_libdir}/rkhunter |
| 99 |
|
|
%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/rkhunter/db |
| 100 |
|
|
|
| 101 |
|
|
# make a cron.daily file to mail us the reports |
| 102 |
|
|
%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" |
| 103 |
|
|
%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/01-rkhunter" <<EOF |
| 104 |
|
|
#!/bin/sh |
| 105 |
|
|
%{_bindir}/rkhunter --cronjob --skip-application-check --report-warnings-only --createlogfile /var/log/rkhunter.log |
| 106 |
|
|
EOF |
| 107 |
|
|
%{__chmod} a+rwx,g-w,o-rwx ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/01-rkhunter |
| 108 |
|
|
|
| 109 |
|
|
%clean |
| 110 |
|
|
%{__rm} -rf "$RPM_BUILD_ROOT" |
| 111 |
|
|
|
| 112 |
|
|
%files |
| 113 |
|
|
%defattr(-,root,root,-) |
| 114 |
|
|
%{_bindir}/rkhunter |
| 115 |
|
|
%dir %{_libdir}/rkhunter |
| 116 |
|
|
%doc %{_docdir}/rkhunter-%{version} |
| 117 |
|
|
%{_mandir}/man8/* |
| 118 |
|
|
%{_libdir}/rkhunter/scripts |
| 119 |
|
|
%dir %{_var}/rkhunter/tmp |
| 120 |
|
|
%{_var}/rkhunter/db |
| 121 |
|
|
%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf |
| 122 |
|
|
%{_sysconfdir}/cron.daily/01-rkhunter |
| 123 |
|
|
|
| 124 |
|
|
|
| 125 |
|
|
%changelog |
| 126 |
|
|
* Sun Apr 29 2007 Shad L. Lords <slords@mail.com> |
| 127 |
|
|
- Clean up spec so package can be built by koji/plague |
| 128 |
|
|
|
| 129 |
|
|
* Wed Mar 07 2007 Shad L. Lords <slords@mail.com> 1.2.9-3 |
| 130 |
|
|
- Add sigs for 7.1.2 and 7.1.3 |
| 131 |
|
|
|
| 132 |
|
|
* Sun Jan 28 2007 Shad L. Lords <slords@mail.com> 1.2.9-2 |
| 133 |
|
|
- Run updates as part of build process |
| 134 |
|
|
|
| 135 |
|
|
* Sun Jan 28 2007 Shad L. Lords <slords@mail.com> 1.2.9-1 |
| 136 |
|
|
- Update to latest 1.2.9 |
| 137 |
|
|
|
| 138 |
|
|
* Tue Dec 12 2006 Shad L. Lords <slords@mail.com> 1.2.8-4 |
| 139 |
|
|
- Add strings as a requirement. [SME: 2267] |
| 140 |
|
|
|
| 141 |
|
|
* Tue Dec 12 2006 Shad L. Lords <slords@mail.com> 1.2.8-3 |
| 142 |
|
|
- Added 7.1 |
| 143 |
|
|
|
| 144 |
|
|
* Thu Dec 07 2006 Shad L. Lords <slords@mail.com> 1.2.8-2 |
| 145 |
|
|
- Update to new release naming. No functional changes. |
| 146 |
|
|
- Make Packager generic |
| 147 |
|
|
|
| 148 |
|
|
* Sun Nov 12 2006 Shad L. Lords <slords@lordsfam.net> 1.2.8-1sme01 |
| 149 |
|
|
- Updated to latest 1.2.8 |
| 150 |
|
|
|
| 151 |
|
|
* Wed Feb 22 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme07 |
| 152 |
|
|
- Added 7.0pre[45] and 7.0prc3 [SME: 860 |
| 153 |
|
|
|
| 154 |
|
|
* Mon Feb 20 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme06 |
| 155 |
|
|
- Added 7.0pre3 [SME: 845] |
| 156 |
|
|
|
| 157 |
|
|
* Sat Feb 4 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme05 |
| 158 |
|
|
- Added 7.0pre2 [SME: 653] |
| 159 |
|
|
|
| 160 |
|
|
* Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme04 |
| 161 |
|
|
- Remove explicit call to /bin/mail from rkhunter daily cron job. If |
| 162 |
|
|
there's no output, we don't want any mail either [SME: 421] |
| 163 |
|
|
|
| 164 |
|
|
* Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme03 |
| 165 |
|
|
- Fix up format of os.dat entries. rkhunter knows about |
| 166 |
|
|
/etc/e-smith-release [SME: 384] |
| 167 |
|
|
|
| 168 |
|
|
* Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme02 |
| 169 |
|
|
- And add support for 7.0pre1 [SME: 384] |
| 170 |
|
|
|
| 171 |
|
|
* Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme01 |
| 172 |
|
|
- Add support for 7.0beta9, rc[12] and final [SME: 384] |
| 173 |
|
|
|
| 174 |
|
|
* Wed Nov 09 2005 Charlie Brady <charlieb@e-smith.com> 1.2.7-1es2 |
| 175 |
|
|
- Add support for CentOS 4.{1,2,3} |
| 176 |
|
|
|
| 177 |
|
|
* Fri Jul 15 2005 Charlie Brady - 1.2.7-1es |
| 178 |
|
|
- Upgrade to 1.2.7 |
| 179 |
|
|
|
| 180 |
|
|
* Sun Jun 05 2005 Charlie Brady - 1.2.6-2es |
| 181 |
|
|
- Make cron job quieter |
| 182 |
|
|
- Add SME6.1 and SME7 as recognised OSes. |
| 183 |
|
|
|
| 184 |
|
|
* Tue May 10 2005 Charlie Brady - 1.2.6 |
| 185 |
|
|
- Update to 1.2.6 |
| 186 |
|
|
|
| 187 |
|
|
* Tue Aug 10 2004 Michael Boelen - 1.1.5 |
| 188 |
|
|
- Added update script |
| 189 |
|
|
- Extended description |
| 190 |
|
|
|
| 191 |
|
|
* Sun Aug 08 2004 Greg Houlette - 1.1.5 |
| 192 |
|
|
- Changed the install procedure eliminating the specification of |
| 193 |
|
|
destination filenames (only needed if you are renaming during install) |
| 194 |
|
|
- Changed the permissions for documentation files (root only overkill) |
| 195 |
|
|
- Added the installation of the rkhunter Man Page |
| 196 |
|
|
- Added the installation of the programs_{bad, good}.dat database files |
| 197 |
|
|
- Added the installation of the LICENSE documentation file |
| 198 |
|
|
- Added the chmod for root only to the /var/rkhunter/db directory |
| 199 |
|
|
|
| 200 |
|
|
* Sun May 23 2004 Craig Orsinger (cjo) <cjorsinger@earthlink.net> |
| 201 |
|
|
- version 1.1.0-1.cjo |
| 202 |
|
|
- changed installation in accordance with new rootkit installation |
| 203 |
|
|
procedure |
| 204 |
|
|
- changed installation root to conform to LSB. Use standard macros. |
| 205 |
|
|
- added recursive remove of old build root as prep for install phase |
| 206 |
|
|
|
| 207 |
|
|
* Wed Apr 28 2004 Doncho N. Gunchev - 1.0.9-0.mr700 |
| 208 |
|
|
- dropped Requires: perl - rkhunter works without it |
| 209 |
|
|
- dropped the bash alignpatch (check the source or contact me) |
| 210 |
|
|
- various file mode fixes (.../tmp/, *.db) |
| 211 |
|
|
- optimized the %%files section - any new files in the |
| 212 |
|
|
current dirs will be fine - just %%{__install} them. |
| 213 |
|
|
|
| 214 |
|
|
* Mon Apr 26 2004 Michael Boelen - 1.0.8-0 |
| 215 |
|
|
- Fixed missing md5blacklist.dat |
| 216 |
|
|
|
| 217 |
|
|
* Mon Apr 19 2004 Doncho N. Gunchev - 1.0.6-1.mr700 |
| 218 |
|
|
- added missing /usr/local/rkhunter/db/md5blacklist.dat |
| 219 |
|
|
- patched to align results in --cronjob, I think rpm based |
| 220 |
|
|
distros have symlink /bin/sh -> /bin/bash |
| 221 |
|
|
- added --with/--without alignpatch for conditional builds |
| 222 |
|
|
(in case previous patch breaks something) |
| 223 |
|
|
|
| 224 |
|
|
* Sat Apr 03 2004 Michael Boelen / Joe Klemmer - 1.0.6-0 |
| 225 |
|
|
- Update to 1.0.6 |
| 226 |
|
|
|
| 227 |
|
|
* Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0 |
| 228 |
|
|
- initial .spec file |
| 229 |
|
|
|
Parent Directory
| 
Revision Log
| 
Revision Graph
