/[smeserver]/rpms/rkhunter/sme8/rkhunter.spec

Diff of /rpms/rkhunter/sme8/rkhunter.spec

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-Revision 1.1 by slords,
Tue Jun 12 20:49:39 2007 UTC
+Revision 1.12 by slords,
Wed Apr  9 13:51:56 2008 UTC
 Line 1
+ # $Id$
+ # No debuginfo:
+ %define debug_package %{nil}
+ # If you want to debug, uncomment the next line and remove
+ # the duplicate percent sign (due to macro expansion)
+ #%%dump
+ %define name rkhunter
+ %define ver 1.3.2
+ %define rel 2
+ %define epoch 0
+ # Don't change this define or also:
+ # 1. installer.sh --layout custom /temporary/dir/usr --striproot /temporary/dir --install
+ # 2. rewrite the files section below.
+ %define _prefix /usr
  # We can't let RPM do the dependencies automatic because it'll then pick up
  # a correct but undesirable perl dependency, which rkhunter does not require
  # in order to function properly.
  AutoReqProv: no
- Summary:        Rootkit scans for rootkits, backdoors and local exploits.
+ Name: %{name}
- Name:           rkhunter
+ Summary: %{name} scans for rootkits, backdoors and local exploits
- Version:        1.2.9
+ Version: %{ver}
- Release:        3%{?dist}
+ Release: %{rel}%{dist}
- Epoch:          0
+ Epoch: %{epoch}
- License:        GPL
+ License: GPL
- Group:          Applications/System
+ Group: Applications/System
- URL:            http://rkhunter.sourceforge.net/
+ Source0: %{name}-%{version}.tar.gz
- Source0:        %{name}-%{version}.tar.gz
+ Patch0: rkhunter-installer.patch
- Patch0:         rkhunter-sme7.patch
+ Patch1: rkhunter-nolib.patch
- BuildArch:      noarch
+ BuildArch: noarch
- Requires:       /bin/sh, /bin/ps, /bin/ls, /bin/cat, /bin/egrep, /usr/bin/strings
+ Requires: filesystem, bash, grep, findutils, net-tools, coreutils, e2fsprogs, modutils, procps, binutils, wget, perl
- BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+ Provides: %{name}
+ URL: http://rkhunter.sourceforge.net/
+ BuildRoot: %{_tmppath}/%{name}-%{version}
  %description
- Rootkit scanner is scanning tool to ensure you for about 99.9%% you're
+ Rootkit Hunter is a scanning tool to ensure you are about 99.9%%
- clean of nasty tools. This tool scans for rootkits, backdoors and local
+ clean of nasty tools. It scans for rootkits, backdoors and local
  exploits by running tests like:
-         - MD5 hash compare
+         - File hash check
          - Look for default files used by rootkits
          - Wrong file permissions for binaries
          - Look for suspected strings in LKM and KLD modules
-Line 34 
 Rootkit Hunter is released as a GPL lice
+Line 55 
 Rootkit Hunter is released as a GPL lice
  %prep
- %setup
+ %setup -q
- %patch -p1
+ %patch0 -p1
+ %patch1 -p1
  %build
- #%%configure ...
- # We have nothing to configure... yet...
  %install
- # Well... This could be a bit smaller if the install
+ MANPATH=""
- # script was able to handle DSTDIR for example...
+ export MANPATH
- # (cjo) remove old version of build root, if it exists
+ sh ./installer.sh --layout RPM --install
- %{__rm} -rf ${RPM_BUILD_ROOT}
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_bindir}
+ sed -i 's_#ALLOWPROCLISTEN=/sbin/dhclient_ALLOWPROCLISTEN=/sbin/dhclient_' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_sysconfdir}
+ sed -i 's_#ALLOWPROCLISTEN=/usr/sbin/pppoe_ALLOWPROCLISTEN=/sbin/pppoe_' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_libdir}
+ sed -i 's_#ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz_ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz_' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts
+ sed -i '/#ALLOWPROCLISTEN=\/usr\/bin\/dhcpcd/iALLOWPROCLISTEN=\/usr\/sbin\/dhcpd' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}
+ sed -i '/#ALLOWPROCDELFILE=\/usr\/sbin\/mysqld/aALLOWPROCDELFILE=\/usr\/sbin\/httpd' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_mandir}/man8
+ sed -i '/ALLOWPROCDELFILE=\/usr\/sbin\/httpd/aALLOWPROCDELFILE=\/usr\/sbin\/asterisk' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__mkdir} -p ${RPM_BUILD_ROOT}%{_var}/rkhunter/{db,tmp}
+ sed -i '/ALLOWPROCDELFILE=\/usr\/sbin\/httpd/aALLOWPROCDELFILE=\/usr\/bin\/freshclam' ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}.conf
- %{__chmod} ug+rwx,o-rwx ${RPM_BUILD_ROOT}%{_var}/rkhunter/tmp
- %{__install} -m750 -p files/rkhunter            ${RPM_BUILD_ROOT}%{_bindir}/
- %{__install} -m640 -p files/backdoorports.dat   ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/defaulthashes.dat   ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/mirrors.dat         ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/os.dat              ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/md5blacklist.dat    ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/programs_bad.dat    ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m640 -p files/programs_good.dat   ${RPM_BUILD_ROOT}%{_var}/rkhunter/db/
- %{__install} -m644 -p files/CHANGELOG           ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
- %{__install} -m644 -p files/LICENSE             ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
- %{__install} -m644 -p files/README              ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
- %{__install} -m644 -p files/WISHLIST            ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
- %{__install} -m644 -p files/development/*.8     ${RPM_BUILD_ROOT}%{_mandir}/man8/
- %{__install} -m750 -p files/check_modules.pl    ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- %{__install} -m750 -p files/check_port.pl       ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- %{__install} -m750 -p files/filehashmd5.pl      ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- %{__install} -m750 -p files/filehashsha1.pl     ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- %{__install} -m750 -p files/showfiles.pl        ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- %{__install} -m750 -p files/check_update.sh     ${RPM_BUILD_ROOT}%{_libdir}/rkhunter/scripts/
- # (cjo) Put installation root in configuration file, then copy the rest
- #       of the file from the original.
- cat >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf << EOF
- ## Next three lines installed automatically by RPM. Do not change
- ## unless you know what you're doing...
- INSTALLDIR=%{_prefix}
- DBDIR=%{_var}/rkhunter/db
- TMPDIR=%{_var}/rkhunter/tmp
- EOF
- cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+ # Make a cron.daily file to mail us the reports
- %{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
- # Only root should use rkhunter (at least for now)
- %{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_libdir}/rkhunter
- %{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/rkhunter/db
- # make a cron.daily file to mail us the reports
  %{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily"
  %{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/01-rkhunter" <<EOF
  #!/bin/sh
- %{_bindir}/rkhunter --cronjob --skip-application-check --report-warnings-only --createlogfile /var/log/rkhunter.log
+ %{_bindir}/rkhunter --cronjob --update --disable apps,suspscan,system_commands --rwo
+ exit 0
  EOF
  %{__chmod} a+rwx,g-w,o-rwx ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/01-rkhunter
- %clean
- %{__rm} -rf "$RPM_BUILD_ROOT"
- %files
- %defattr(-,root,root,-)
- %{_bindir}/rkhunter
- %dir %{_libdir}/rkhunter
- %doc %{_docdir}/rkhunter-%{version}
- %{_mandir}/man8/*
- %{_libdir}/rkhunter/scripts
- %dir %{_var}/rkhunter/tmp
- %{_var}/rkhunter/db
- %config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf
- %{_sysconfdir}/cron.daily/01-rkhunter
+ %post
+ # Only do this on an initial install
+ if [ $1 -eq 1 ]; then
+         %{__cp} -p /etc/passwd /var/rkhunter/tmp >/dev/null 2>&1 || :
+         %{__cp} -p /etc/group /var/rkhunter/tmp >/dev/null 2>&1 || :
+ fi
- %changelog
- * Sun Apr 29 2007 Shad L. Lords <slords@mail.com>
- - Clean up spec so package can be built by koji/plague
- * Wed Mar 07 2007 Shad L. Lords <slords@mail.com> 1.2.9-3
+ %preun
- - Add sigs for 7.1.2 and 7.1.3
+ # Only do this when removing the RPM
+ if [ $1 -eq 0 ]; then
+         %{__rm} -f /var/log/rkhunter.log /var/log/rkhunter.log.old >/dev/null 2>&1
+         %{__rm} -rf /var/rkhunter/* >/dev/null 2>&1
+ fi
- * Sun Jan 28 2007 Shad L. Lords <slords@mail.com> 1.2.9-2
- - Run updates as part of build process
- * Sun Jan 28 2007 Shad L. Lords <slords@mail.com> 1.2.9-1
+ %clean
- - Update to latest 1.2.9
+ if [ "$RPM_BUILD_ROOT" = "/" ]; then
+         echo Invalid Build root \'"$RPM_BUILD_ROOT"\'
- * Tue Dec 12 2006 Shad L. Lords <slords@mail.com> 1.2.8-4
+         exit 1
- - Add strings as a requirement. [SME: 2267]
+ else
+         rm -rf $RPM_BUILD_ROOT
+ fi
- * Tue Dec 12 2006 Shad L. Lords <slords@mail.com> 1.2.8-3
- - Added 7.1
- * Thu Dec 07 2006 Shad L. Lords <slords@mail.com> 1.2.8-2
+ %define docdir %{_prefix}/share/doc/%{name}-%{version}
- - Update to new release naming.  No functional changes.
+ %files
- - Make Packager generic
+ %defattr(-,root,root)
+ %attr(640,root,root) %config(noreplace) %{_sysconfdir}/%{name}.conf
+ %attr(750,root,root) %{_prefix}/bin/%{name}
+ %attr(750,root,root) %dir %{_libdir}/%{name}
+ %attr(750,root,root) %dir %{_libdir}/%{name}/scripts
+ %attr(750,root,root) %{_libdir}/%{name}/scripts/*.pl
+ %attr(750,root,root) %{_libdir}/%{name}/scripts/*.sh
+ %attr(644,root,root) %doc %{_prefix}/share/man/man8/%{name}.8.gz
+ %attr(755,root,root) %dir %{docdir}
+ %attr(644,root,root) %doc %{docdir}/*
+ %attr(750,root,root) %dir %{_var}/%{name}
+ %attr(750,root,root) %dir %{_var}/%{name}/db
+ %attr(640,root,root) %{_var}/%{name}/db/*.dat
+ %attr(750,root,root) %dir %{_var}/%{name}/db/i18n
+ %attr(640,root,root) %{_var}/%{name}/db/i18n/*
+ %attr(750,root,root) %dir %{_var}/%{name}/tmp
+ %{_sysconfdir}/cron.daily/01-rkhunter
- * Sun Nov 12 2006 Shad L. Lords <slords@lordsfam.net> 1.2.8-1sme01
- - Updated to latest 1.2.8
- * Wed Feb 22 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme07
+ %changelog
- - Added 7.0pre[45] and 7.0prc3 [SME: 860
+ * Sun Mar 2 2008 Shad L. Lords <slords@mail.com> 1.3.2-2
+ - Allow freshclam to use deleted files. [SME: 3876]
- * Mon Feb 20 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme06
+ * Fri Feb 29 2008 Shad L. Lords <slords@mail.com> 1.3.2-1
- - Added 7.0pre3 [SME: 845]
+ - Update to rkhunter v1.3.2 [SME: 4000]
- * Sat Feb 4 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme05
+ * Wed Jan 30 2008 Shad L. Lords <slords@mail.com> 1.3.0-6
- - Added 7.0pre2 [SME: 653]
+ - Fix asterisk to allow deleted files. [SME: 3795]
- * Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme04
+ * Tue Jan 29 2008 Shad L. Lords <slords@mail.com> 1.3.0-5
- - Remove explicit call to /bin/mail from rkhunter daily cron job. If
+ - Correct pppoe binary location.
-   there's no output, we don't want any mail either [SME: 421]
+ - Add asterisk binary to allow deleted files. [SME: 3795]
- * Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme03
+ * Mon Jan 7 2008 Shad L. Lords <slords@mail.com> 1.3.0-4
- - Fix up format of os.dat entries. rkhunter knows about
+ - Disable scan for suspicious files until fixed [SME: 3713]
-   /etc/e-smith-release [SME: 384]
- * Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme02
+ * Mon Dec 17 2007 Shad L. Lords <slords@mail.com> 1.3.0-3
- - And add support for 7.0pre1 [SME: 384]
+ - Change /var/lib to /var to be consistent with previous versions
- * Mon Jan 9 2006 Gordon Rowell <gordonr@gormand.com.au> 1.2.7-1sme01
+ * Mon Dec 17 2007 Shad L. Lords <slords@mail.com> 1.3.0-2
- - Add support for 7.0beta9, rc[12] and final [SME: 384]
+ - Add a few more services for sme tests
- * Wed Nov 09 2005 Charlie Brady <charlieb@e-smith.com> 1.2.7-1es2
+ * Mon Dec 17 2007 Shad L. Lords <slords@mail.com> 1.3.0-1
- - Add support for CentOS 4.{1,2,3}
+ - Fix installer to not install in local
+ - Set parameters for sme specific tests
- * Fri Jul 15 2005 Charlie Brady - 1.2.7-1es
+ * Sun Feb 11 2007 unSpawn - pre-1.3.0
- - Upgrade to 1.2.7
+ - Sync spec with fixes, installer and CVS
- * Sun Jun 05 2005 Charlie Brady - 1.2.6-2es
+ * Sun Nov 12 2006 unSpawn - 1.2.9
- - Make cron job quieter
+ - Re-spec, new installer
- - Add SME6.1 and SME7 as recognised OSes.
- * Tue May 10 2005 Charlie Brady - 1.2.6
+ * Fri Sep 29 2006 unSpawn - 1.2.9
- - Update to 1.2.6
+ - Updated for release 1.2.9
  * Tue Aug 10 2004 Michael Boelen - 1.1.5
  - Added update script
-Line 227 
 EOF
+Line 210 
 EOF
  * Mon Mar 29 2004 Doncho N. Gunchev - 1.0.0-0
  - initial .spec file

 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
-Removed lines/characters
+Added lines/characters

admin@koozali.org	ViewVC Help
Powered by ViewVC 1.2.1