[Forensics-changes] [rkhunter] 04/08: Update 05_custom_conffile.diff to account for upstream changes
Francois Marier
francois at moszumanska.debian.org
Mon Dec 8 04:24:23 UTC 2014
This is an automated email from the git hooks/post-receive script.
francois pushed a commit to branch master
in repository rkhunter.
commit 6e588902851d0a29c75d4713ac273575d3276540
Author: Francois Marier <francois at debian.org>
Date: Wed Oct 15 00:05:04 2014 +1300
Update 05_custom_conffile.diff to account for upstream changes
---
debian/changelog | 1 +
debian/patches/05_custom_conffile.diff | 157 ++++++++++++++++-----------------
2 files changed, 79 insertions(+), 79 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index ea95c17..360b965 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ rkhunter (1.4.2-0.1) unstable; urgency=medium
* Non-maintainer upload.
* New upstream version (closes: #743725, #751347)
+ * Update 05_custom_conffile.diff to account for upstream changes
-- Francois Marier <francois at debian.org> Tue, 14 Oct 2014 23:25:03 +1300
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 0135f1d..f10c57d 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -1,50 +1,57 @@
Description: Custom configuration options for Debian package
Author: Julien Valroff <julien at debian.org>
Forwarded: not-needed
+Last-Update: 2014-10-14
--- a/files/rkhunter.conf
+++ b/files/rkhunter.conf
-@@ -99,17 +99,17 @@
- # important files will be written to this directory, so be
- # sure that the directory permissions are tight.
+@@ -154,7 +154,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
#
-#TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/var/lib/rkhunter/tmp
#
- # Specify the database directory to use.
+ # This option specifies the database directory to use.
+@@ -163,7 +163,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
#
-#DBDIR=/var/lib/rkhunter/db
+DBDIR=/var/lib/rkhunter/db
#
- # Specify the script directory to use.
+ # This option specifies the script directory to use.
+@@ -171,7 +171,7 @@
+ # The installer program will set the default directory. If this default is
+ # subsequently commented out or removed, then the program will not run.
#
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/share/rkhunter/scripts
#
- # This option can be used to modify the command directory list used
-@@ -255,8 +255,15 @@
- # Please read the README file for more details about enabling and disabling
- # tests, the test names, and how rkhunter behaves when these options are used.
+ # This option can be used to modify the command directory list used by rkhunter
+@@ -349,8 +349,15 @@ AUTO_X_DETECT=1
+ # either of the options below are specified, then they will override the
+ # program defaults.
#
+# hidden_procs test requires the unhide command which is part of the unhide
+# package in Debian.
+#
-+# apps test is disabled by default as it triggers warnings about outdated
++# apps test is disabled by default as it triggers warnings about outdated
+# applications (and warns about possible security risk: we better trust
+# the Debian Security Team).
+#
- ENABLE_TESTS="all"
--DISABLE_TESTS="suspscan hidden_ports hidden_procs deleted_files packet_cap_apps"
-+DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
+ ENABLE_TESTS=ALL
+-DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
++DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps
#
- # The HASH_FUNC option can be used to specify the command to use
-@@ -324,6 +331,9 @@
+ # The HASH_CMD option can be used to specify the command to use for the file
+@@ -421,6 +428,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
- # Whenever this option is changed 'rkhunter --propupd' must be run.
+ # Also see the PKGMGR_NO_VRFY and USE_SUNSUM options.
#
+# NONE is the default for Debian as well, as running --propupd takes
+# about 4 times longer when it's set to DPKG
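Review bot: The comment block above DISABLE_TESTS explains `hidden_procs` and `apps`, but not why `hidden_ports` is dropped from the upstream disabled list (compare the `+-DISABLE_TESTS` and `++DISABLE_TESTS` lines). Enabling a test is a behaviour change an admin should be able to read from the file. If `hidden_ports` depends on `unhide-tcp` from the same unhide package, which I believe it does but have not confirmed here, it will not produce results on a default install. I would add a line such as `# hidden_ports is enabled; it needs unhide-tcp (unhide package) to run` next to the existing `hidden_procs` remark, once that dependency is confirmed.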
@@ -52,12 +59,11 @@ Forwarded: not-needed
#PKGMGR=NONE
#
-@@ -466,8 +476,15 @@
- # be specified more than once. The option may use wildcard
- # characters.
+@@ -574,7 +584,15 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
--#SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
--#SCRIPTWHITELIST="/usr/bin/groups"
+ # The default value is the null string.
+ #
+-#SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/bin/egrep
+SCRIPTWHITELIST=/bin/fgrep
+SCRIPTWHITELIST=/bin/which
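Review bot: The active `SCRIPTWHITELIST` entries for `/bin/egrep`, `/bin/fgrep` and `/bin/which` have no comment saying why they are whitelisted; the only text above them is the upstream "The default value is the null string." An admin auditing the file cannot tell a packaging decision from a local modification. A line such as `# Debian ships these commands as shell scripts; whitelisted so the script check does not warn` above the first entry would settle it, if that is indeed the reason. The whitelist continues past the end of this hunk.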
@@ -69,82 +75,75 @@ Forwarded: not-needed
+#SCRIPTWHITELIST=/usr/bin/unhide.rb
#
- # Allow the specified commands to have the immutable attribute set.
-@@ -492,11 +509,9 @@
- # may use wildcard characters.
- #
- #ALLOWHIDDENDIR="/etc/.java"
--#ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
- #ALLOWHIDDENDIR="/dev/.static"
--#ALLOWHIDDENDIR="/dev/.initramfs"
- #ALLOWHIDDENDIR="/dev/.SRC-unix"
--#ALLOWHIDDENDIR="/dev/.mdadm"
-+#ALLOWHIDDENDIR="/etc/.etckeeper"
+ # Allow the specified file to have the immutable attribute set.
+@@ -602,9 +620,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ # The default value is the null string.
+ #
+ #ALLOWHIDDENDIR=/etc/.java
+-#ALLOWHIDDENDIR=/dev/.udev
+-#ALLOWHIDDENDIR=/dev/.udevdb
+-#ALLOWHIDDENDIR=/dev/.mdadm
++#ALLOWHIDDENDIR=/etc/.etckeeper
#
- # Allow the specified hidden files to be whitelisted.
-@@ -521,6 +536,9 @@
- #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
- #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
- #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
-+#ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.gz"
-+#ALLOWHIDDENFILE="/etc/.gitignore"
-+#ALLOWHIDDENFILE="/etc/.bzrignore"
+ # Allow the specified hidden file to be whitelisted.
+@@ -620,6 +636,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
+ #ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
++#ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++#ALLOWHIDDENFILE=/etc/.gitignore
++#ALLOWHIDDENFILE=/etc/.bzrignore
++
#
- # Allow the specified processes to use deleted files. The
-@@ -535,8 +553,10 @@
- # characters, but only in the file names.
+ # Allow the specified process to use deleted files. The process name may be
+@@ -634,7 +654,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ # The default value is the null string.
#
- #ALLOWPROCDELFILE="/sbin/cardmgr /usr/sbin/gpm:/etc/X11/abc"
--#ALLOWPROCDELFILE="/usr/libexec/gconfd-2"
-+#ALLOWPROCDELFILE="/usr/lib/libgconf2-4/gconfd-2"
- #ALLOWPROCDELFILE="/usr/sbin/mysqld:/tmp/ib*"
-+#ALLOWPROCDELFILE="/usr/lib/iceweasel/firefox-bin"
-+#ALLOWPROCDELFILE="/usr/bin/file-roller"
+ #ALLOWPROCDELFILE=/sbin/cardmgr
++#ALLOWPROCDELFILE=/usr/lib/libgconf2-4/gconfd-2
+ #ALLOWPROCDELFILE=/usr/sbin/mysqld:/tmp/ib*
++#ALLOWPROCDELFILE=/usr/lib/iceweasel/firefox-bin
++#ALLOWPROCDELFILE=/usr/bin/file-roller
#
- # Allow the specified processes to listen on any network interface.
-@@ -547,7 +567,6 @@
- #ALLOWPROCLISTEN="/sbin/dhclient /usr/bin/dhcpcd"
- #ALLOWPROCLISTEN="/usr/sbin/pppoe /usr/sbin/tcpdump"
- #ALLOWPROCLISTEN="/usr/sbin/snort-plain"
--#ALLOWPROCLISTEN="/usr/local/bin/wpa_supplicant"
-
+ # Allow the specified process to listen on any network interface.
+@@ -761,7 +784,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
- # Allow the specified network interfaces to be in promiscuous mode.
-@@ -647,7 +666,7 @@
- # The option may be specified more than once. The option may use
- # wildcard characters.
+ # This option has no default value.
#
--#STARTUP_PATHS="/etc/rc.d /etc/rc.local"
-+#STARTUP_PATHS="/etc/init.d /etc/rc.local"
+-#STARTUP_PATHS=/etc/rc.d /etc/rc.local
++#STARTUP_PATHS=/etc/init.d /etc/rc.local
#
- # This setting tells rkhunter the pathname to the file containing the
-@@ -668,7 +687,7 @@
- # NOTE: For *BSD systems you will probably need to use this option
- # for the 'toor' account.
+ # This option tells rkhunter the pathname to the file containing the user
+@@ -786,7 +809,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # The default value is the null string.
#
--#UID0_ACCOUNTS="toor rooty"
-+#UID0_ACCOUNTS="toor rooty sashroot"
+-#UID0_ACCOUNTS=toor rooty
++#UID0_ACCOUNTS=toor rooty sashroot
#
- # Allow the following accounts to have no password. NIS/YP entries do
-@@ -786,7 +805,7 @@
- # specified, then RKH will assume the O/S release information is on the
- # first non-blank line of the file.
+ # This option allows the specified accounts to have no password. NIS/YP entries
+@@ -941,7 +964,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
--#OS_VERSION_FILE="/etc/release"
-+#OS_VERSION_FILE="/etc/debian_version"
+ # Also see the WARN_ON_OS_CHANGE and UPDT_ON_OS_CHANGE options.
+ #
+-#OS_VERSION_FILE=/etc/release
++#OS_VERSION_FILE=/etc/debian_version
#
- # The following two options can be used to whitelist files and directories
-@@ -979,4 +998,6 @@
- # of 2 will disable the Ruby 'unhide.rb' program. The default value is 0. To disable
- # both programs, then disable the 'hidden_procs' test.
+ # Set the following option to '0' if you do not want to receive a warning if any
+@@ -1178,7 +1201,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # The default value is '0'.
#
-#DISABLE_UNHIDE=0
+DISABLE_UNHIDE=1
+
-+INSTALLDIR="/usr"
++INSTALLDIR=/usr
+
+ #
+ # This option can be set to either '0' or '1'. If set to '1' then the summary,
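Review bot: `DISABLE_UNHIDE=1` and `INSTALLDIR=/usr` are activated without any Debian-specific comment, while the upstream text kept as context directly above still says "The default value is '0'". After the refresh the inner hunk is no longer at the end of rkhunter.conf, so `INSTALLDIR=/usr` now sits between the DISABLE_UNHIDE description and the next option's description and reads as if it belonged to one of them. I would add `# Debian: <reason for disabling unhide>` above the first and a one-line `# Debian: ...` comment stating what INSTALLDIR is used for above the second, with the wording supplied by the maintainer. The added blank line after the `ALLOWHIDDENFILE` entries earlier in this hunk looks unintentional and could be dropped.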
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/rkhunter.git