1 |
slords |
1.13 |
Name: rkhunter |
2 |
slords |
1.16 |
Version: 1.3.8 |
3 |
|
|
Release: 3%{?dist} |
4 |
slords |
1.13 |
Summary: A host-based tool to scan for rootkits, backdoors and local exploits |
5 |
|
|
|
6 |
|
|
Group: Applications/System |
7 |
|
|
License: GPLv2+ |
8 |
|
|
URL: http://rkhunter.sourceforge.net/ |
9 |
|
|
Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz |
10 |
|
|
Source2: 01-rkhunter |
11 |
|
|
Source3: rkhunter.sysconfig |
12 |
slords |
1.17 |
Patch0: rkhunter-1.3.8-smeconfig.patch |
13 |
slords |
1.13 |
BuildArch: noarch |
14 |
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
15 |
|
|
|
16 |
|
|
Requires: coreutils, binutils, modutils, findutils, grep, mktemp |
17 |
|
|
Requires: e2fsprogs, procps, lsof, prelink, iproute, net-tools, wget |
18 |
|
|
Requires: perl, perl(strict), perl(IO::Socket), mailx, logrotate |
19 |
slords |
1.1 |
|
20 |
|
|
%description |
21 |
slords |
1.13 |
Rootkit Hunter (RKH) is an easy-to-use tool which checks |
22 |
|
|
computers running UNIX (clones) for the presence of rootkits |
23 |
|
|
and other unwanted tools. |
24 |
slords |
1.1 |
|
25 |
slords |
1.13 |
%prep |
26 |
slords |
1.1 |
|
27 |
slords |
1.13 |
%setup -q |
28 |
slords |
1.1 |
|
29 |
slords |
1.17 |
#%patch0 -p1 |
30 |
slords |
1.13 |
|
31 |
|
|
%{__cat} <<'EOF' >%{name}.logrotate |
32 |
|
|
%{_localstatedir}/log/%{name}/%{name}.log { |
33 |
|
|
weekly |
34 |
|
|
notifempty |
35 |
|
|
create 640 root root |
36 |
|
|
} |
37 |
|
|
EOF |
38 |
slords |
1.1 |
|
39 |
|
|
%build |
40 |
slords |
1.13 |
# Nothing to be built |
41 |
slords |
1.1 |
|
42 |
|
|
%install |
43 |
slords |
1.13 |
%{__rm} -rf $RPM_BUILD_ROOT |
44 |
slords |
1.9 |
|
45 |
slords |
1.13 |
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_bindir} |
46 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_sysconfdir}/{cron.daily,sysconfig,logrotate.d} |
47 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts |
48 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version} |
49 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_mandir}/man8 |
50 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db |
51 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/log/%{name} |
52 |
|
|
%{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n |
53 |
|
|
|
54 |
|
|
%{__install} -m755 -p files/%{name} ${RPM_BUILD_ROOT}%{_bindir}/ |
55 |
|
|
|
56 |
|
|
%{__install} -m644 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
57 |
|
|
%{__install} -m644 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
58 |
|
|
%{__install} -m644 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/ |
59 |
|
|
%{__install} -m644 -p files/i18n/cn ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/ |
60 |
|
|
%{__install} -m644 -p files/i18n/en ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/ |
61 |
|
|
|
62 |
|
|
%{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
63 |
|
|
%{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
64 |
|
|
%{__install} -m644 -p files/README ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/ |
65 |
|
|
%{__install} -m755 -p files/check_modules.pl ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/ |
66 |
|
|
%{__install} -m644 -p files/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/ |
67 |
|
|
# Don't ship these unless we want to Require the perl modules |
68 |
|
|
#%{__install} -m750 -p files/filehashmd5.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/ |
69 |
|
|
#%{__install} -m750 -p files/filehashsha1.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/ |
70 |
|
|
%{__install} -m755 -p %{SOURCE2} ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/%{name} |
71 |
|
|
%{__install} -m644 -p %{name}.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} |
72 |
|
|
%{__install} -m640 -p files/%{name}.conf ${RPM_BUILD_ROOT}%{_sysconfdir}/ |
73 |
|
|
%{__install} -m640 -p %{SOURCE3} ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name} |
74 |
slords |
1.1 |
|
75 |
slords |
1.13 |
%clean |
76 |
|
|
%{__rm} -rf $RPM_BUILD_ROOT |
77 |
slords |
1.1 |
|
78 |
slords |
1.2 |
%files |
79 |
slords |
1.13 |
%defattr(-,root,root,-) |
80 |
|
|
%doc %{_docdir}/%{name}-%{version}/* |
81 |
|
|
%{_bindir}/%{name} |
82 |
|
|
%dir %{_datadir}/%{name} |
83 |
|
|
%{_datadir}/%{name}/scripts |
84 |
|
|
%{_sysconfdir}/cron.daily/%{name} |
85 |
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
86 |
|
|
%dir %{_var}/lib/%{name} |
87 |
|
|
%{_var}/lib/%{name}/db |
88 |
|
|
%{_var}/lib/%{name}/db/i18n |
89 |
|
|
%dir %{_var}/log/%{name} |
90 |
|
|
%config(noreplace) %{_sysconfdir}/%{name}.conf |
91 |
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
92 |
|
|
%dir %{_docdir}/%{name}-%{version} |
93 |
|
|
%{_mandir}/man8/* |
94 |
slords |
1.1 |
|
95 |
slords |
1.2 |
%changelog |
96 |
slords |
1.17 |
* Wed Apr 27 2011 Shad L. Lords <slords@mail.com> 1.3.8-3.sme |
97 |
|
|
- Set parameters for sme specific tests |
98 |
|
|
|
99 |
slords |
1.16 |
* Wed Dec 08 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-3 |
100 |
|
|
- Adjust ssh config to the right default. |
101 |
|
|
|
102 |
|
|
* Tue Dec 07 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-2 |
103 |
|
|
- Adjust config some - bug #596775 |
104 |
|
|
|
105 |
|
|
* Fri Nov 26 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-1 |
106 |
|
|
- Update to 1.3.8 |
107 |
|
|
|
108 |
|
|
* Wed Nov 24 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-9 |
109 |
|
|
- Drop /var/run as it's not used anymore - bug #656684 |
110 |
|
|
|
111 |
|
|
* Wed Oct 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-8 |
112 |
|
|
- Add patch to make rkhunter use unhide if installed - bug #636396 |
113 |
|
|
|
114 |
|
|
* Sat Jun 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-7 |
115 |
|
|
- Add ipsec.hmac exclude - bug #560594 |
116 |
|
|
|
117 |
|
|
* Fri May 28 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-6 |
118 |
|
|
- Add exclude for md-device-map - bug #596731 |
119 |
|
|
- Supress ssh version check - bug #596775 |
120 |
|
|
|
121 |
|
|
* Sat Mar 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-5 |
122 |
|
|
- Change config to not specify XINETD_PATH - bug #560562 |
123 |
|
|
|
124 |
|
|
* Sat Jan 23 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-4 |
125 |
|
|
- Change email to just root instead of root@localhost - bug #553179 |
126 |
|
|
- Add .k5login.5.gz to files whitelist - bug #553134 |
127 |
|
|
|
128 |
|
|
* Tue Jan 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-3 |
129 |
|
|
- Add some more ssh hmac files to whitelist - bug #552621 |
130 |
|
|
- Re-add /dev/.mdadm.map to whitelisted files - bug #539405 |
131 |
|
|
|
132 |
|
|
* Tue Dec 01 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-2 |
133 |
|
|
- Disable apps check by default - bug #543065 |
134 |
|
|
|
135 |
|
|
* Sun Nov 29 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-1 |
136 |
|
|
- Update to 1.3.6 |
137 |
|
|
|
138 |
|
|
* Thu Nov 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-9 |
139 |
|
|
- Add exception for /dev/.mdadm file - bug #539405 |
140 |
|
|
|
141 |
|
|
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-8 |
142 |
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
143 |
snetram |
1.15 |
|
144 |
slords |
1.16 |
* Fri Jul 03 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-7 |
145 |
|
|
- Add exception for software raid udev file - bug #509253 |
146 |
snetram |
1.14 |
|
147 |
slords |
1.16 |
* Sat Jun 06 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-6 |
148 |
|
|
- Add /usr/bin/.fipscheck.hmac to ok files - bug #494096 |
149 |
slords |
1.1 |
|
150 |
slords |
1.13 |
* Sun Mar 08 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-5 |
151 |
|
|
- Fix typo in patch file |
152 |
slords |
1.1 |
|
153 |
slords |
1.13 |
* Wed Mar 04 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-4 |
154 |
|
|
- Rework spec file |
155 |
|
|
- Add check for the new hmac ssh files |
156 |
|
|
|
157 |
|
|
* Thu Feb 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-3 |
158 |
|
|
- Update cron job to include hostname (thanks Manuel Wolfshant) |
159 |
|
|
|
160 |
|
|
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-2 |
161 |
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
162 |
|
|
|
163 |
|
|
* Fri Jan 02 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-1 |
164 |
|
|
- Update to 1.3.4 |
165 |
|
|
- Use libdir as tmp dir - bug #456340 |
166 |
|
|
|
167 |
|
|
* Sat Dec 13 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-6 |
168 |
|
|
- Fix cron job sending as attachment - bug #472679 |
169 |
|
|
- Fix cron job trying to send with colors - bug #475916 |
170 |
|
|
|
171 |
|
|
* Wed Sep 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-5 |
172 |
|
|
- Patch debug tmp file issue - bug #460628 |
173 |
|
|
|
174 |
|
|
* Mon Jun 16 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-4 |
175 |
|
|
- Fix cron script to only mail on warn/error - bug #450703 |
176 |
|
|
- Fix conditional to account for fc10 rsyslog |
177 |
|
|
|
178 |
|
|
* Mon Apr 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-3 |
179 |
|
|
- Change cron to run after prelink - bug #438622 |
180 |
|
|
|
181 |
|
|
* Wed Mar 26 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-2 |
182 |
|
|
- Move things to more standard locations for selinux - bug #438184 |
183 |
|
|
- Add exception for pulseaudio file - bug #438622 |
184 |
|
|
|
185 |
|
|
* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-1 |
186 |
|
|
- Update to 1.3.2 |
187 |
|
|
- Fix cron script |
188 |
|
|
|
189 |
|
|
* Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-2 |
190 |
|
|
- Use /etc/redhat-release for EPEL and /etc/fedora release for Fedora. |
191 |
|
|
- Add conditionals to support EPEL |
192 |
|
|
- Fix man page warning. |
193 |
|
|
|
194 |
|
|
* Sun Feb 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-1 |
195 |
|
|
- Revive package, clean up spec |
196 |
|
|
- Update to 1.3.0 |
197 |
|
|
|
198 |
|
|
* Sat Mar 18 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-3 |
199 |
|
|
- Made an RPM transparent change to move the sha1 canary check |
200 |
|
|
file out of CVS and into the external lookaside cache (whose |
201 |
|
|
filename changes with every new package release anyway...) |
202 |
|
|
|
203 |
|
|
* Fri Mar 17 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-2 |
204 |
|
|
- Fixed architectural dependency during package creation eliminating |
205 |
|
|
use of _libdir configure macro (x86_64 /usr/lib64 mis-targeting) |
206 |
|
|
|
207 |
|
|
* Tue Mar 7 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-1 |
208 |
|
|
- New package version release |
209 |
|
|
- reworked the .spec file to support optional dist tag |
210 |
|
|
- Updated the application check default patchfile (chunk failure) |
211 |
|
|
- Changed to SHA1 for optional message digest (canary check) |
212 |
|
|
- Added a couple of suggested skip entries to rkhunter.conf |
213 |
|
|
|
214 |
|
|
* Mon Jun 11 2005 Greg Houlette <tamaster@pobox.com> - 1.2.7-1 |
215 |
|
|
- Added signature auto-updating to CRON scan (new script) |
216 |
|
|
- Removed BOOTSCAN pending rewrite to full SysV Init scan in background |
217 |
|
|
- Added the --append-log command line option |
218 |
|
|
- Added Date Stamping to output |
219 |
|
|
- Fixed bug in /etc/group missing report |
220 |
|
|
- New package version release |
221 |
|
|
|
222 |
|
|
* Sun Jan 2 2005 Greg Houlette <tamaster@tekarmory.com> - 0:1.1.9-1 |
223 |
|
|
- New package version release |
224 |
|
|
- Added the --run-application-check command line option |
225 |
|
|
to listing in command help |
226 |
|
|
- Replaced 'Here' Doc editing of rkhunter.conf file |
227 |
|
|
with in-place Perl edit |
228 |
|
|
- tweaked rpmbuild -bb Autoclean |
229 |
|
|
|
230 |
|
|
* Fri Oct 15 2004 Greg Houlette - 0:1.1.8-0.fdr.1 (revisited) |
231 |
|
|
- Removed redundant buildrequires /bin/sh, coreutils and perl |
232 |
|
|
- Revise postun scriptlet |
233 |
|
|
- Added /usr/share/doc/rkhunter-1.1.8/ to files list |
234 |
|
|
|
235 |
|
|
* Mon Oct 11 2004 Greg Houlette - 0:1.1.8-0.fdr.1 |
236 |
|
|
- Changed Release Tag to 0.fdr.1 (testing) for QA |
237 |
|
|
- Removed wget from dependencies |
238 |
|
|
- Hid (temporarily) the --skip-application-check command |
239 |
|
|
line option from being listed in help |
240 |
|
|
- Fixed the spec files list, again! |
241 |
|
|
|
242 |
|
|
* Fri Oct 8 2004 Greg Houlette - 0:1.1.8-0.fdr.0.2.beta2 |
243 |
|
|
- Unified and disabled the md5 canary check in prep |
244 |
|
|
(check is now optional) removing the sha1 cross-check |
245 |
|
|
- Fixed the spec files list, adding the /var/rkhunter |
246 |
|
|
directory and the /usr/bin/rkhunter executable |
247 |
|
|
- Fixed missing dependencies (rkh uses runtime checks) |
248 |
|
|
- Disabled "auto-clean" for rpmbuild -bb |
249 |
|
|
- Changed Application version scan default to |
250 |
|
|
disabled awaiting backport fix in upstream sources |
251 |
|
|
- Fixed shared_man_search.patch, configuration files |
252 |
|
|
verify and added postun(install) cleanup |
253 |
|
|
|
254 |
|
|
* Fri Oct 1 2004 Greg Houlette - 0:1.1.8-0.fdr.0.1.beta1 |
255 |
|
|
- More cosmetic patchwork |
256 |
|
|
- Changed Release Tag to beta1 (pre-release) for QA submit |
257 |
|
|
|
258 |
|
|
* Tue Sep 28 2004 Greg Houlette - 0:1.1.8-0.fdr.1 |
259 |
|
|
- Removed hidden_search.patch (1.1.7) after it was |
260 |
|
|
merged into upstream source by Michael Boelen |
261 |
|
|
- Removed .spec file from md5 and sha1 file checks |
262 |
|
|
(it must be modifiable by Fedora QA release build) |
263 |
|
|
- Added BOOTSCAN description file to documentation |
264 |
|
|
- Restructured dynamic file creation ('Here' Docs) |
265 |
|
|
moving them to the "prep" stage so that *_ALL_* |
266 |
|
|
files are available prior to the "build" stage |
267 |
|
|
(for inspection purposes) |
268 |
|
|
- Added a /etc/sysconfig/rkhunter parameters file |
269 |
|
|
|
270 |
|
|
* Sun Aug 29 2004 Greg Houlette - 0:1.1.7-0.fdr.1 |
271 |
|
|
- Cosmetic patchwork |
272 |
|
|
|
273 |
|
|
* Sat Aug 21 2004 Greg Houlette - 0:1.1.6-0.fdr.1 |
274 |
|
|
- Moderate reworking of .spec file for packaging standards |
275 |
|
|
- Added md5 and sha1 file checks to prep procedure for source .rpm |
276 |
|
|
- Included an optional rc.local replacement for scan on boot (with full logging) |
277 |
slords |
1.1 |
|
278 |
|
|
* Tue Aug 10 2004 Michael Boelen - 1.1.5 |
279 |
|
|
- Added update script |
280 |
|
|
- Extended description |
281 |
|
|
|
282 |
|
|
* Sun Aug 08 2004 Greg Houlette - 1.1.5 |
283 |
|
|
- Changed the install procedure eliminating the specification of |
284 |
|
|
destination filenames (only needed if you are renaming during install) |
285 |
|
|
- Changed the permissions for documentation files (root only overkill) |
286 |
|
|
- Added the installation of the rkhunter Man Page |
287 |
|
|
- Added the installation of the programs_{bad, good}.dat database files |
288 |
|
|
- Added the installation of the LICENSE documentation file |
289 |
|
|
- Added the chmod for root only to the /var/rkhunter/db directory |
290 |
|
|
|
291 |
|
|
* Sun May 23 2004 Craig Orsinger (cjo) <cjorsinger@earthlink.net> |
292 |
|
|
- version 1.1.0-1.cjo |
293 |
|
|
- changed installation in accordance with new rootkit installation |
294 |
|
|
procedure |
295 |
|
|
- changed installation root to conform to LSB. Use standard macros. |
296 |
|
|
- added recursive remove of old build root as prep for install phase |
297 |
|
|
|
298 |
|
|
* Wed Apr 28 2004 Doncho N. Gunchev - 1.0.9-0.mr700 |
299 |
|
|
- dropped Requires: perl - rkhunter works without it |
300 |
|
|
- dropped the bash alignpatch (check the source or contact me) |
301 |
|
|
- various file mode fixes (.../tmp/, *.db) |
302 |
|
|
- optimized the %%files section - any new files in the |
303 |
|
|
current dirs will be fine - just %%{__install} them. |
304 |
|
|
|
305 |
|
|
* Mon Apr 26 2004 Michael Boelen - 1.0.8-0 |
306 |
|
|
- Fixed missing md5blacklist.dat |
307 |
|
|
|
308 |
|
|
* Mon Apr 19 2004 Doncho N. Gunchev - 1.0.6-1.mr700 |
309 |
|
|
- added missing /usr/local/rkhunter/db/md5blacklist.dat |
310 |
|
|
- patched to align results in --cronjob, I think rpm based |
311 |
|
|
distros have symlink /bin/sh -> /bin/bash |
312 |
|
|
- added --with/--without alignpatch for conditional builds |
313 |
|
|
(in case previous patch breaks something) |
314 |
|
|
|
315 |
|
|
* Sat Apr 03 2004 Michael Boelen / Joe Klemmer - 1.0.6-0 |
316 |
|
|
- Update to 1.0.6 |
317 |
|
|
|
318 |
|
|
* Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0 |
319 |
|
|
- initial .spec file |