1 |
# $Id: rkhunter.spec,v 1.12 2008/04/09 13:51:56 slords Exp $ |
2 |
|
3 |
Name: rkhunter |
4 |
Version: 1.3.4 |
5 |
Release: 6%{?dist} |
6 |
Summary: A host-based tool to scan for rootkits, backdoors and local exploits |
7 |
|
8 |
Group: Applications/System |
9 |
License: GPLv2+ |
10 |
URL: http://rkhunter.sourceforge.net/ |
11 |
Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz |
12 |
Source1: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz.sha1.txt |
13 |
Source2: 01-rkhunter |
14 |
Source3: rkhunter.sysconfig |
15 |
Patch0: rkhunter-1.3.4-smeconfig.patch |
16 |
BuildArch: noarch |
17 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
18 |
|
19 |
Requires: coreutils, binutils, modutils, findutils, grep, mktemp |
20 |
Requires: e2fsprogs, procps, lsof, prelink, iproute, net-tools, wget |
21 |
Requires: perl, perl(strict), perl(IO::Socket), mailx, logrotate |
22 |
|
23 |
%description |
24 |
Rootkit Hunter (RKH) is an easy-to-use tool which checks |
25 |
computers running UNIX (clones) for the presence of rootkits |
26 |
and other unwanted tools. |
27 |
|
28 |
%prep |
29 |
|
30 |
%setup -q |
31 |
|
32 |
%patch0 -p1 |
33 |
|
34 |
%{__cat} <<'EOF' >%{name}.logrotate |
35 |
%{_localstatedir}/log/%{name}/%{name}.log { |
36 |
weekly |
37 |
notifempty |
38 |
create 640 root root |
39 |
} |
40 |
EOF |
41 |
|
42 |
%build |
43 |
# Nothing to be built |
44 |
|
45 |
%install |
46 |
%{__rm} -rf $RPM_BUILD_ROOT |
47 |
|
48 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_bindir} |
49 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_sysconfdir}/{cron.daily,sysconfig,logrotate.d} |
50 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts |
51 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version} |
52 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_mandir}/man8 |
53 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db |
54 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/run/%{name} |
55 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/log/%{name} |
56 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n |
57 |
|
58 |
%{__install} -m755 -p files/%{name} ${RPM_BUILD_ROOT}%{_bindir}/ |
59 |
|
60 |
%{__install} -m644 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
61 |
%{__install} -m644 -p files/defaulthashes.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
62 |
%{__install} -m644 -p files/md5blacklist.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
63 |
%{__install} -m644 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
64 |
%{__install} -m644 -p files/os.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
65 |
%{__install} -m644 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
66 |
%{__install} -m644 -p files/programs_good.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
67 |
%{__install} -m644 -p files/i18n/cn ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/ |
68 |
%{__install} -m644 -p files/i18n/en ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/ |
69 |
|
70 |
%{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
71 |
%{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
72 |
%{__install} -m644 -p files/README ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
73 |
%{__install} -m644 -p files/WISHLIST ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
74 |
%{__install} -m755 -p files/check_modules.pl ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/ |
75 |
%{__install} -m755 -p files/check_port.pl ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/ |
76 |
%{__install} -m755 -p files/check_update.sh ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/ |
77 |
%{__install} -m644 -p files/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/ |
78 |
# Don't ship these unless we want to Require the perl modules |
79 |
#%{__install} -m750 -p files/filehashmd5.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/ |
80 |
#%{__install} -m750 -p files/filehashsha1.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/ |
81 |
%{__install} -m755 -p files/showfiles.pl ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/ |
82 |
%{__install} -m755 -p %{SOURCE2} ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/%{name} |
83 |
%{__install} -m644 -p %{name}.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} |
84 |
%{__install} -m640 -p files/%{name}.conf ${RPM_BUILD_ROOT}%{_sysconfdir}/ |
85 |
%{__install} -m640 -p %{SOURCE3} ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name} |
86 |
|
87 |
%clean |
88 |
%{__rm} -rf $RPM_BUILD_ROOT |
89 |
|
90 |
%post |
91 |
# Only do this on an initial install |
92 |
if [ $1 -eq 1 ]; then |
93 |
%{__cp} -p /etc/passwd /var/lib/rkhunter/ >/dev/null 2>&1 || : |
94 |
%{__cp} -p /etc/group /var/lib/rkhunter/ >/dev/null 2>&1 || : |
95 |
fi |
96 |
|
97 |
%files |
98 |
%defattr(-,root,root,-) |
99 |
%doc %{_docdir}/%{name}-%{version}/* |
100 |
%{_bindir}/%{name} |
101 |
%dir %{_datadir}/%{name} |
102 |
%{_datadir}/%{name}/scripts |
103 |
%{_sysconfdir}/cron.daily/%{name} |
104 |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
105 |
%dir %{_var}/lib/%{name} |
106 |
%{_var}/lib/%{name}/db |
107 |
%{_var}/lib/%{name}/db/i18n |
108 |
%dir %{_var}/run/%{name} |
109 |
%dir %{_var}/log/%{name} |
110 |
%config(noreplace) %{_sysconfdir}/%{name}.conf |
111 |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
112 |
%dir %{_docdir}/%{name}-%{version} |
113 |
%{_mandir}/man8/* |
114 |
|
115 |
%changelog |
116 |
* Thu Apr 2 2009 Shad L. Lords <slords@mail.com> 1.3.4-6 |
117 |
- Update to epel version of rkhunter |
118 |
- Set parameters for sme specific tests |
119 |
|
120 |
* Sun Mar 08 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-5 |
121 |
- Fix typo in patch file |
122 |
|
123 |
* Wed Mar 04 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-4 |
124 |
- Rework spec file |
125 |
- Add check for the new hmac ssh files |
126 |
|
127 |
* Thu Feb 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-3 |
128 |
- Update cron job to include hostname (thanks Manuel Wolfshant) |
129 |
|
130 |
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-2 |
131 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
132 |
|
133 |
* Fri Jan 02 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-1 |
134 |
- Update to 1.3.4 |
135 |
- Use libdir as tmp dir - bug #456340 |
136 |
|
137 |
* Sat Dec 13 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-6 |
138 |
- Fix cron job sending as attachment - bug #472679 |
139 |
- Fix cron job trying to send with colors - bug #475916 |
140 |
|
141 |
* Wed Sep 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-5 |
142 |
- Patch debug tmp file issue - bug #460628 |
143 |
|
144 |
* Mon Jun 16 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-4 |
145 |
- Fix cron script to only mail on warn/error - bug #450703 |
146 |
- Fix conditional to account for fc10 rsyslog |
147 |
|
148 |
* Mon Apr 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-3 |
149 |
- Change cron to run after prelink - bug #438622 |
150 |
|
151 |
* Wed Mar 26 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-2 |
152 |
- Move things to more standard locations for selinux - bug #438184 |
153 |
- Add exception for pulseaudio file - bug #438622 |
154 |
|
155 |
* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-1 |
156 |
- Update to 1.3.2 |
157 |
- Fix cron script |
158 |
|
159 |
* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-2 |
160 |
- Use /etc/redhat-release for EPEL and /etc/fedora release for Fedora. |
161 |
- Add conditionals to support EPEL |
162 |
- Fix man page warning. |
163 |
|
164 |
* Sun Feb 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-1 |
165 |
- Revive package, clean up spec |
166 |
- Update to 1.3.0 |
167 |
|
168 |
* Sat Mar 18 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-3 |
169 |
- Made an RPM transparent change to move the sha1 canary check |
170 |
file out of CVS and into the external lookaside cache (whose |
171 |
filename changes with every new package release anyway...) |
172 |
|
173 |
* Fri Mar 17 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-2 |
174 |
- Fixed architectural dependency during package creation eliminating |
175 |
use of _libdir configure macro (x86_64 /usr/lib64 mis-targeting) |
176 |
|
177 |
* Tue Mar 7 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-1 |
178 |
- New package version release |
179 |
- reworked the .spec file to support optional dist tag |
180 |
- Updated the application check default patchfile (chunk failure) |
181 |
- Changed to SHA1 for optional message digest (canary check) |
182 |
- Added a couple of suggested skip entries to rkhunter.conf |
183 |
|
184 |
* Mon Jun 11 2005 Greg Houlette <tamaster@pobox.com> - 1.2.7-1 |
185 |
- Added signature auto-updating to CRON scan (new script) |
186 |
- Removed BOOTSCAN pending rewrite to full SysV Init scan in background |
187 |
- Added the --append-log command line option |
188 |
- Added Date Stamping to output |
189 |
- Fixed bug in /etc/group missing report |
190 |
- New package version release |
191 |
|
192 |
* Sun Jan 2 2005 Greg Houlette <tamaster@tekarmory.com> - 0:1.1.9-1 |
193 |
- New package version release |
194 |
- Added the --run-application-check command line option |
195 |
to listing in command help |
196 |
- Replaced 'Here' Doc editing of rkhunter.conf file |
197 |
with in-place Perl edit |
198 |
- tweaked rpmbuild -bb Autoclean |
199 |
|
200 |
* Fri Oct 15 2004 Greg Houlette - 0:1.1.8-0.fdr.1 (revisited) |
201 |
- Removed redundant buildrequires /bin/sh, coreutils and perl |
202 |
- Revise postun scriptlet |
203 |
- Added /usr/share/doc/rkhunter-1.1.8/ to files list |
204 |
|
205 |
* Mon Oct 11 2004 Greg Houlette - 0:1.1.8-0.fdr.1 |
206 |
- Changed Release Tag to 0.fdr.1 (testing) for QA |
207 |
- Removed wget from dependencies |
208 |
- Hid (temporarily) the --skip-application-check command |
209 |
line option from being listed in help |
210 |
- Fixed the spec files list, again! |
211 |
|
212 |
* Fri Oct 8 2004 Greg Houlette - 0:1.1.8-0.fdr.0.2.beta2 |
213 |
- Unified and disabled the md5 canary check in prep |
214 |
(check is now optional) removing the sha1 cross-check |
215 |
- Fixed the spec files list, adding the /var/rkhunter |
216 |
directory and the /usr/bin/rkhunter executable |
217 |
- Fixed missing dependencies (rkh uses runtime checks) |
218 |
- Disabled "auto-clean" for rpmbuild -bb |
219 |
- Changed Application version scan default to |
220 |
disabled awaiting backport fix in upstream sources |
221 |
- Fixed shared_man_search.patch, configuration files |
222 |
verify and added postun(install) cleanup |
223 |
|
224 |
* Fri Oct 1 2004 Greg Houlette - 0:1.1.8-0.fdr.0.1.beta1 |
225 |
- More cosmetic patchwork |
226 |
- Changed Release Tag to beta1 (pre-release) for QA submit |
227 |
|
228 |
* Tue Sep 28 2004 Greg Houlette - 0:1.1.8-0.fdr.1 |
229 |
- Removed hidden_search.patch (1.1.7) after it was |
230 |
merged into upstream source by Michael Boelen |
231 |
- Removed .spec file from md5 and sha1 file checks |
232 |
(it must be modifiable by Fedora QA release build) |
233 |
- Added BOOTSCAN description file to documentation |
234 |
- Restructured dynamic file creation ('Here' Docs) |
235 |
moving them to the "prep" stage so that *_ALL_* |
236 |
files are available prior to the "build" stage |
237 |
(for inspection purposes) |
238 |
- Added a /etc/sysconfig/rkhunter parameters file |
239 |
|
240 |
* Sun Aug 29 2004 Greg Houlette - 0:1.1.7-0.fdr.1 |
241 |
- Cosmetic patchwork |
242 |
|
243 |
* Sat Aug 21 2004 Greg Houlette - 0:1.1.6-0.fdr.1 |
244 |
- Moderate reworking of .spec file for packaging standards |
245 |
- Added md5 and sha1 file checks to prep procedure for source .rpm |
246 |
- Included an optional rc.local replacement for scan on boot (with full logging) |
247 |
|
248 |
* Tue Aug 10 2004 Michael Boelen - 1.1.5 |
249 |
- Added update script |
250 |
- Extended description |
251 |
|
252 |
* Sun Aug 08 2004 Greg Houlette - 1.1.5 |
253 |
- Changed the install procedure eliminating the specification of |
254 |
destination filenames (only needed if you are renaming during install) |
255 |
- Changed the permissions for documentation files (root only overkill) |
256 |
- Added the installation of the rkhunter Man Page |
257 |
- Added the installation of the programs_{bad, good}.dat database files |
258 |
- Added the installation of the LICENSE documentation file |
259 |
- Added the chmod for root only to the /var/rkhunter/db directory |
260 |
|
261 |
* Sun May 23 2004 Craig Orsinger (cjo) <cjorsinger@earthlink.net> |
262 |
- version 1.1.0-1.cjo |
263 |
- changed installation in accordance with new rootkit installation |
264 |
procedure |
265 |
- changed installation root to conform to LSB. Use standard macros. |
266 |
- added recursive remove of old build root as prep for install phase |
267 |
|
268 |
* Wed Apr 28 2004 Doncho N. Gunchev - 1.0.9-0.mr700 |
269 |
- dropped Requires: perl - rkhunter works without it |
270 |
- dropped the bash alignpatch (check the source or contact me) |
271 |
- various file mode fixes (.../tmp/, *.db) |
272 |
- optimized the %%files section - any new files in the |
273 |
current dirs will be fine - just %%{__install} them. |
274 |
|
275 |
* Mon Apr 26 2004 Michael Boelen - 1.0.8-0 |
276 |
- Fixed missing md5blacklist.dat |
277 |
|
278 |
* Mon Apr 19 2004 Doncho N. Gunchev - 1.0.6-1.mr700 |
279 |
- added missing /usr/local/rkhunter/db/md5blacklist.dat |
280 |
- patched to align results in --cronjob, I think rpm based |
281 |
distros have symlink /bin/sh -> /bin/bash |
282 |
- added --with/--without alignpatch for conditional builds |
283 |
(in case previous patch breaks something) |
284 |
|
285 |
* Sat Apr 03 2004 Michael Boelen / Joe Klemmer - 1.0.6-0 |
286 |
- Update to 1.0.6 |
287 |
|
288 |
* Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0 |
289 |
- initial .spec file |