
Annotation of /rpms/rkhunter/sme8/rkhunter-1.3.8-smeconfig.patch



Revision 1.1
Wed Apr 27 15:40:20 2011 UTC (13 years, 6 months ago) by slords
Branch: MAIN
CVS Tags: rkhunter-1_3_8-3_el5_sme, HEAD
* Wed Apr 27 2011 Shad L. Lords <slords@mail.com> 1.3.8-3.sme
- Set parameters for sme specific tests

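diff -up rkhunter-1.3.8/files/rkhunter.conf.smeconfig rkhunter-1.3.8/files/rkhunter.conf
--- rkhunter-1.3.8/files/rkhunter.conf.smeconfig 2010-11-13 13:25:22.000000000 -0700
+++ rkhunter-1.3.8/files/rkhunter.conf 2011-04-27 09:38:25.522680955 -0600
@@ -76,7 +76,7 @@ MIRRORS_MODE=0
 # NOTE: This option should be present in the configuration file.
 #
 #MAIL-ON-WARNING=me@mydomain root@mydomain
-MAIL-ON-WARNING=""
+MAIL-ON-WARNING="root"
 
 #
 # Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -94,16 +94,19 @@ MAIL_CMD=mail -s "[rkhunter] Warnings fo
 # sure that the directory permissions are tight.
 #
 #TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/var/lib/rkhunter
 
 #
 # Specify the database directory to use.
 #
 #DBDIR=/var/lib/rkhunter/db
+DBDIR=/var/lib/rkhunter/db
 
 #
 # Specify the script directory to use.
 #
 #SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/share/rkhunter/scripts
 
 #
 # Specify the root directory to use.
@@ -155,13 +158,13 @@ UPDATE_LANG=""
 #
 # NOTE: This option should be present in the configuration file.
 #
-LOGFILE=/var/log/rkhunter.log
+LOGFILE=/var/log/rkhunter/rkhunter.log
 
 #
 # Set the following option to 1 if the log file is to be appended to
 # whenever rkhunter is run.
 #
-APPEND_LOG=0
+APPEND_LOG=1
 
 #
 # Set the following option to 1 if the log file is to be copied when
@@ -213,7 +216,7 @@ WHITELISTED_IS_WHITE=0
 # file, then a value here of 'unset' can be used to avoid warning messages.
 # This option has a default value of 'no'.
 #
-ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=unset
 
 #
 # Set this option to '1' to allow the use of the SSH-1 protocol, but note
@@ -255,7 +258,7 @@ ALLOW_SSH_PROT_V1=0
 # tests, the test names, and how rkhunter behaves when these options are used.
 #
 ENABLE_TESTS="all"
-DISABLE_TESTS="suspscan hidden_ports hidden_procs deleted_files packet_cap_apps"
+DISABLE_TESTS="apps suspscan system_commands"
 
 #
 # The HASH_FUNC option can be used to specify the command to use
@@ -324,6 +327,7 @@ DISABLE_TESTS="suspscan hidden_ports hid
 # Whenever this option is changed 'rkhunter --propupd' must be run.
 #
 #PKGMGR=NONE
+PKGMGR=RPM
 
 #
 # It is possible that a file which is part of a package may be modified
@@ -466,6 +470,12 @@ DISABLE_TESTS="suspscan hidden_ports hid
 #
 #SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
 #SCRIPTWHITELIST="/usr/bin/groups"
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/GET
+SCRIPTWHITELIST=/sbin/ifup
+SCRIPTWHITELIST=/sbin/ifdown
 
 #
 # Allow the specified commands to have the immutable attribute set.
@@ -495,6 +505,14 @@ IMMUTABLE_SET=0
 #ALLOWHIDDENDIR="/dev/.initramfs"
 #ALLOWHIDDENDIR="/dev/.SRC-unix"
 #ALLOWHIDDENDIR="/dev/.mdadm"
+ALLOWHIDDENDIR=/dev/.udev
+ALLOWHIDDENDIR=/dev/.udevdb
+ALLOWHIDDENDIR=/dev/.udev.tdb
+ALLOWHIDDENDIR=/dev/.static
+ALLOWHIDDENDIR=/dev/.initramfs
+ALLOWHIDDENDIR=/dev/.SRC-unix
+ALLOWHIDDENDIR=/dev/.mdadm
+ALLOWHIDDENDIR=/dev/.systemd
 
 #
 # Allow the specified hidden files to be whitelisted.
@@ -519,6 +537,25 @@ IMMUTABLE_SET=0
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
 #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
+ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
+ALLOWHIDDENFILE=/lib*/.libcrypto.so.*.hmac
+ALLOWHIDDENFILE=/lib*/.libssl.so.*.hmac
+ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keygen.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keyscan.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-add.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-agent.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libfipscheck.so.*.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libgcrypt.so.*.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha1hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha256hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha384hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha512hmac.hmac
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+ALLOWHIDDENFILE=/dev/.mdadm.map
+ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
+ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
 
 #
 # Allow the specified processes to use deleted files. The
@@ -534,6 +571,13 @@ IMMUTABLE_SET=0
 #ALLOWPROCDELFILE="/sbin/cardmgr /usr/sbin/gpm:/etc/X11/abc"
 #ALLOWPROCDELFILE="/usr/libexec/gconfd-2"
 #ALLOWPROCDELFILE="/usr/sbin/mysqld"
+ALLOWPROCDELFILE=(deleted)
+ALLOWPROCDELFILE=/usr/bin/freshclam
+ALLOWPROCDELFILE=/usr/bin/perl
+ALLOWPROCDELFILE=/usr/bin/python
+ALLOWPROCDELFILE=/usr/libexec/dovecot/imap
+ALLOWPROCDELFILE=/usr/sbin/asterisk
+ALLOWPROCDELFILE=/usr/sbin/httpd
 
 #
 # Allow the specified processes to listen on any network interface.
@@ -541,8 +585,11 @@ IMMUTABLE_SET=0
 # This is a space-separated list of process names. The option
 # may be specified more than once.
 #
-#ALLOWPROCLISTEN="/sbin/dhclient /usr/bin/dhcpcd"
-#ALLOWPROCLISTEN="/usr/sbin/pppoe /usr/sbin/tcpdump"
+ALLOWPROCLISTEN="/sbin/dhclient"
+ALLOWPROCLISTEN="/usr/sbin/dhcpd"
+#ALLOWPROCLISTEN="/usr/bin/dhcpcd"
+ALLOWPROCLISTEN="/usr/sbin/pppoe"
+#ALLOWPROCLISTEN="/usr/sbin/tcpdump"
 #ALLOWPROCLISTEN="/usr/sbin/snort-plain"
 #ALLOWPROCLISTEN="/usr/local/bin/wpa_supplicant"
 
@@ -583,6 +630,8 @@ PHALANX2_DIRTEST=0
 #
 #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
 #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
+ALLOWDEVFILE=/dev/shm/pulse-shm-*
+ALLOWDEVFILE=/dev/md/md-device-map
 
 #
 # This setting tells rkhunter where the inetd configuration
@@ -686,7 +735,7 @@ PHALANX2_DIRTEST=0
 # This is a space-separated list of pathnames. The option may
 # be specified more than once.
 #
-#SYSLOG_CONFIG_FILE=/etc/syslog.conf
+SYSLOG_CONFIG_FILE=/etc/syslog.conf
 
 #
 # This option permits the use of syslog remote logging.
@@ -721,6 +770,7 @@ ALLOW_SYSLOG_REMOTE_LOGGING=0
 # The option may be specified more than once.
 #
 #SUSPSCAN_DIRS="/tmp /var/tmp"
+SUSPSCAN_DIRS="/tmp /var/tmp"
 
 #
 # Directory for temporary files. A memory-based one is better (faster).
@@ -783,7 +833,7 @@ SUSPSCAN_THRESH=200
 # specified, then RKH will assume the O/S release information is on the
 # first non-blank line of the file.
 #
-#OS_VERSION_FILE="/etc/release"
+OS_VERSION_FILE="/etc/redhat-release"
 
 #
 # The following two options can be used to whitelist files and directories
@@ -976,3 +1026,5 @@ SHOW_LOCK_MSGS=1
 # both programs, then disable the 'hidden_procs' test.
 #
 #DISABLE_UNHIDE=0
+
+INSTALLDIR="/usr"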
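Review bot: `DISABLE_TESTS="apps suspscan system_commands"` in the `@@ -255,7 +258,7 @@` hunk switches off `system_commands`, which as far as I know is rkhunter's group test covering the file property checks (hashes, attributes, immutable bit, script replacement) plus the strings and shared-library checks, so the scan would no longer verify the system binaries themselves. The same patch sets `PKGMGR=RPM` and adds `SCRIPTWHITELIST` entries, both of which only feed those property checks, so they would have no effect while the group is disabled. If the intent was to silence false positives, I would keep the group enabled with `DISABLE_TESTS="apps suspscan"` and let the RPM database and the whitelists absorb them, or disable only the sub-test that misfires and record the reason in a comment above the line.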
