/[smeserver]/rpms/rkhunter/sme8/rkhunter.spec
ViewVC logotype

Annotation of /rpms/rkhunter/sme8/rkhunter.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.17 - (hide annotations) (download)
Wed Apr 27 15:40:20 2011 UTC (13 years, 6 months ago) by slords
Branch: MAIN
CVS Tags: rkhunter-1_3_8-3_el5_sme, HEAD
Changes since 1.16: +5 -2 lines
* Wed Apr 27 2011 Shad L. Lords <slords@mail.com> 1.3.8-3.sme
- Set parameters for sme specific tests

1 slords 1.13 Name: rkhunter
2 slords 1.16 Version: 1.3.8
3     Release: 3%{?dist}
4 slords 1.13 Summary: A host-based tool to scan for rootkits, backdoors and local exploits
5    
6     Group: Applications/System
7     License: GPLv2+
8     URL: http://rkhunter.sourceforge.net/
9     Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz
10     Source2: 01-rkhunter
11     Source3: rkhunter.sysconfig
12 slords 1.17 Patch0: rkhunter-1.3.8-smeconfig.patch
13 slords 1.13 BuildArch: noarch
14     BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
15    
16     Requires: coreutils, binutils, modutils, findutils, grep, mktemp
17     Requires: e2fsprogs, procps, lsof, prelink, iproute, net-tools, wget
18     Requires: perl, perl(strict), perl(IO::Socket), mailx, logrotate
19 slords 1.1
20     %description
21 slords 1.13 Rootkit Hunter (RKH) is an easy-to-use tool which checks
22     computers running UNIX (clones) for the presence of rootkits
23     and other unwanted tools.
24 slords 1.1
25 slords 1.13 %prep
26 slords 1.1
27 slords 1.13 %setup -q
28 slords 1.1
29 slords 1.17 #%patch0 -p1
30 slords 1.13
31     %{__cat} <<'EOF' >%{name}.logrotate
32     %{_localstatedir}/log/%{name}/%{name}.log {
33     weekly
34     notifempty
35     create 640 root root
36     }
37     EOF
38 slords 1.1
39     %build
40 slords 1.13 # Nothing to be built
41 slords 1.1
42     %install
43 slords 1.13 %{__rm} -rf $RPM_BUILD_ROOT
44 slords 1.9
45 slords 1.13 %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_bindir}
46     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_sysconfdir}/{cron.daily,sysconfig,logrotate.d}
47     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts
48     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}
49     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_mandir}/man8
50     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db
51     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/log/%{name}
52     %{__mkdir} -m755 -p ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n
53    
54     %{__install} -m755 -p files/%{name} ${RPM_BUILD_ROOT}%{_bindir}/
55    
56     %{__install} -m644 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
57     %{__install} -m644 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
58     %{__install} -m644 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/
59     %{__install} -m644 -p files/i18n/cn ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
60     %{__install} -m644 -p files/i18n/en ${RPM_BUILD_ROOT}%{_var}/lib/%{name}/db/i18n/
61    
62     %{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
63     %{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
64     %{__install} -m644 -p files/README ${RPM_BUILD_ROOT}%{_docdir}/%{name}-%{version}/
65     %{__install} -m755 -p files/check_modules.pl ${RPM_BUILD_ROOT}%{_datadir}/%{name}/scripts/
66     %{__install} -m644 -p files/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
67     # Don't ship these unless we want to Require the perl modules
68     #%{__install} -m750 -p files/filehashmd5.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/
69     #%{__install} -m750 -p files/filehashsha1.pl ${RPM_BUILD_ROOT}%{_prefix}/lib/%{name}/scripts/
70     %{__install} -m755 -p %{SOURCE2} ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/%{name}
71     %{__install} -m644 -p %{name}.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}
72     %{__install} -m640 -p files/%{name}.conf ${RPM_BUILD_ROOT}%{_sysconfdir}/
73     %{__install} -m640 -p %{SOURCE3} ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name}
74 slords 1.1
75 slords 1.13 %clean
76     %{__rm} -rf $RPM_BUILD_ROOT
77 slords 1.1
78 slords 1.2 %files
79 slords 1.13 %defattr(-,root,root,-)
80     %doc %{_docdir}/%{name}-%{version}/*
81     %{_bindir}/%{name}
82     %dir %{_datadir}/%{name}
83     %{_datadir}/%{name}/scripts
84     %{_sysconfdir}/cron.daily/%{name}
85     %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
86     %dir %{_var}/lib/%{name}
87     %{_var}/lib/%{name}/db
88     %{_var}/lib/%{name}/db/i18n
89     %dir %{_var}/log/%{name}
90     %config(noreplace) %{_sysconfdir}/%{name}.conf
91     %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
92     %dir %{_docdir}/%{name}-%{version}
93     %{_mandir}/man8/*
94 slords 1.1
95 slords 1.2 %changelog
96 slords 1.17 * Wed Apr 27 2011 Shad L. Lords <slords@mail.com> 1.3.8-3.sme
97     - Set parameters for sme specific tests
98    
99 slords 1.16 * Wed Dec 08 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-3
100     - Adjust ssh config to the right default.
101    
102     * Tue Dec 07 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-2
103     - Adjust config some - bug #596775
104    
105     * Fri Nov 26 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.8-1
106     - Update to 1.3.8
107    
108     * Wed Nov 24 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-9
109     - Drop /var/run as it's not used anymore - bug #656684
110    
111     * Wed Oct 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-8
112     - Add patch to make rkhunter use unhide if installed - bug #636396
113    
114     * Sat Jun 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-7
115     - Add ipsec.hmac exclude - bug #560594
116    
117     * Fri May 28 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-6
118     - Add exclude for md-device-map - bug #596731
119     - Supress ssh version check - bug #596775
120    
121     * Sat Mar 06 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-5
122     - Change config to not specify XINETD_PATH - bug #560562
123    
124     * Sat Jan 23 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-4
125     - Change email to just root instead of root@localhost - bug #553179
126     - Add .k5login.5.gz to files whitelist - bug #553134
127    
128     * Tue Jan 05 2010 Kevin Fenzi <kevin@tummy.com> - 1.3.6-3
129     - Add some more ssh hmac files to whitelist - bug #552621
130     - Re-add /dev/.mdadm.map to whitelisted files - bug #539405
131    
132     * Tue Dec 01 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-2
133     - Disable apps check by default - bug #543065
134    
135     * Sun Nov 29 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.6-1
136     - Update to 1.3.6
137    
138     * Thu Nov 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-9
139     - Add exception for /dev/.mdadm file - bug #539405
140    
141     * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-8
142     - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
143 snetram 1.15
144 slords 1.16 * Fri Jul 03 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-7
145     - Add exception for software raid udev file - bug #509253
146 snetram 1.14
147 slords 1.16 * Sat Jun 06 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-6
148     - Add /usr/bin/.fipscheck.hmac to ok files - bug #494096
149 slords 1.1
150 slords 1.13 * Sun Mar 08 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-5
151     - Fix typo in patch file
152 slords 1.1
153 slords 1.13 * Wed Mar 04 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-4
154     - Rework spec file
155     - Add check for the new hmac ssh files
156    
157     * Thu Feb 26 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-3
158     - Update cron job to include hostname (thanks Manuel Wolfshant)
159    
160     * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.4-2
161     - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
162    
163     * Fri Jan 02 2009 Kevin Fenzi <kevin@tummy.com> - 1.3.4-1
164     - Update to 1.3.4
165     - Use libdir as tmp dir - bug #456340
166    
167     * Sat Dec 13 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-6
168     - Fix cron job sending as attachment - bug #472679
169     - Fix cron job trying to send with colors - bug #475916
170    
171     * Wed Sep 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-5
172     - Patch debug tmp file issue - bug #460628
173    
174     * Mon Jun 16 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-4
175     - Fix cron script to only mail on warn/error - bug #450703
176     - Fix conditional to account for fc10 rsyslog
177    
178     * Mon Apr 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-3
179     - Change cron to run after prelink - bug #438622
180    
181     * Wed Mar 26 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-2
182     - Move things to more standard locations for selinux - bug #438184
183     - Add exception for pulseaudio file - bug #438622
184    
185     * Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.2-1
186     - Update to 1.3.2
187     - Fix cron script
188    
189     * Thu Feb 28 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-2
190     - Use /etc/redhat-release for EPEL and /etc/fedora release for Fedora.
191     - Add conditionals to support EPEL
192     - Fix man page warning.
193    
194     * Sun Feb 03 2008 Kevin Fenzi <kevin@tummy.com> - 1.3.0-1
195     - Revive package, clean up spec
196     - Update to 1.3.0
197    
198     * Sat Mar 18 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-3
199     - Made an RPM transparent change to move the sha1 canary check
200     file out of CVS and into the external lookaside cache (whose
201     filename changes with every new package release anyway...)
202    
203     * Fri Mar 17 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-2
204     - Fixed architectural dependency during package creation eliminating
205     use of _libdir configure macro (x86_64 /usr/lib64 mis-targeting)
206    
207     * Tue Mar 7 2006 Greg Houlette <tamaster@pobox.com> - 1.2.8-1
208     - New package version release
209     - reworked the .spec file to support optional dist tag
210     - Updated the application check default patchfile (chunk failure)
211     - Changed to SHA1 for optional message digest (canary check)
212     - Added a couple of suggested skip entries to rkhunter.conf
213    
214     * Mon Jun 11 2005 Greg Houlette <tamaster@pobox.com> - 1.2.7-1
215     - Added signature auto-updating to CRON scan (new script)
216     - Removed BOOTSCAN pending rewrite to full SysV Init scan in background
217     - Added the --append-log command line option
218     - Added Date Stamping to output
219     - Fixed bug in /etc/group missing report
220     - New package version release
221    
222     * Sun Jan 2 2005 Greg Houlette <tamaster@tekarmory.com> - 0:1.1.9-1
223     - New package version release
224     - Added the --run-application-check command line option
225     to listing in command help
226     - Replaced 'Here' Doc editing of rkhunter.conf file
227     with in-place Perl edit
228     - tweaked rpmbuild -bb Autoclean
229    
230     * Fri Oct 15 2004 Greg Houlette - 0:1.1.8-0.fdr.1 (revisited)
231     - Removed redundant buildrequires /bin/sh, coreutils and perl
232     - Revise postun scriptlet
233     - Added /usr/share/doc/rkhunter-1.1.8/ to files list
234    
235     * Mon Oct 11 2004 Greg Houlette - 0:1.1.8-0.fdr.1
236     - Changed Release Tag to 0.fdr.1 (testing) for QA
237     - Removed wget from dependencies
238     - Hid (temporarily) the --skip-application-check command
239     line option from being listed in help
240     - Fixed the spec files list, again!
241    
242     * Fri Oct 8 2004 Greg Houlette - 0:1.1.8-0.fdr.0.2.beta2
243     - Unified and disabled the md5 canary check in prep
244     (check is now optional) removing the sha1 cross-check
245     - Fixed the spec files list, adding the /var/rkhunter
246     directory and the /usr/bin/rkhunter executable
247     - Fixed missing dependencies (rkh uses runtime checks)
248     - Disabled "auto-clean" for rpmbuild -bb
249     - Changed Application version scan default to
250     disabled awaiting backport fix in upstream sources
251     - Fixed shared_man_search.patch, configuration files
252     verify and added postun(install) cleanup
253    
254     * Fri Oct 1 2004 Greg Houlette - 0:1.1.8-0.fdr.0.1.beta1
255     - More cosmetic patchwork
256     - Changed Release Tag to beta1 (pre-release) for QA submit
257    
258     * Tue Sep 28 2004 Greg Houlette - 0:1.1.8-0.fdr.1
259     - Removed hidden_search.patch (1.1.7) after it was
260     merged into upstream source by Michael Boelen
261     - Removed .spec file from md5 and sha1 file checks
262     (it must be modifiable by Fedora QA release build)
263     - Added BOOTSCAN description file to documentation
264     - Restructured dynamic file creation ('Here' Docs)
265     moving them to the "prep" stage so that *_ALL_*
266     files are available prior to the "build" stage
267     (for inspection purposes)
268     - Added a /etc/sysconfig/rkhunter parameters file
269    
270     * Sun Aug 29 2004 Greg Houlette - 0:1.1.7-0.fdr.1
271     - Cosmetic patchwork
272    
273     * Sat Aug 21 2004 Greg Houlette - 0:1.1.6-0.fdr.1
274     - Moderate reworking of .spec file for packaging standards
275     - Added md5 and sha1 file checks to prep procedure for source .rpm
276     - Included an optional rc.local replacement for scan on boot (with full logging)
277 slords 1.1
278     * Tue Aug 10 2004 Michael Boelen - 1.1.5
279     - Added update script
280     - Extended description
281    
282     * Sun Aug 08 2004 Greg Houlette - 1.1.5
283     - Changed the install procedure eliminating the specification of
284     destination filenames (only needed if you are renaming during install)
285     - Changed the permissions for documentation files (root only overkill)
286     - Added the installation of the rkhunter Man Page
287     - Added the installation of the programs_{bad, good}.dat database files
288     - Added the installation of the LICENSE documentation file
289     - Added the chmod for root only to the /var/rkhunter/db directory
290    
291     * Sun May 23 2004 Craig Orsinger (cjo) <cjorsinger@earthlink.net>
292     - version 1.1.0-1.cjo
293     - changed installation in accordance with new rootkit installation
294     procedure
295     - changed installation root to conform to LSB. Use standard macros.
296     - added recursive remove of old build root as prep for install phase
297    
298     * Wed Apr 28 2004 Doncho N. Gunchev - 1.0.9-0.mr700
299     - dropped Requires: perl - rkhunter works without it
300     - dropped the bash alignpatch (check the source or contact me)
301     - various file mode fixes (.../tmp/, *.db)
302     - optimized the %%files section - any new files in the
303     current dirs will be fine - just %%{__install} them.
304    
305     * Mon Apr 26 2004 Michael Boelen - 1.0.8-0
306     - Fixed missing md5blacklist.dat
307    
308     * Mon Apr 19 2004 Doncho N. Gunchev - 1.0.6-1.mr700
309     - added missing /usr/local/rkhunter/db/md5blacklist.dat
310     - patched to align results in --cronjob, I think rpm based
311     distros have symlink /bin/sh -> /bin/bash
312     - added --with/--without alignpatch for conditional builds
313     (in case previous patch breaks something)
314    
315     * Sat Apr 03 2004 Michael Boelen / Joe Klemmer - 1.0.6-0
316     - Update to 1.0.6
317    
318     * Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0
319     - initial .spec file

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed