[Forensics-changes] [rkhunter] 04/08: Update 05_custom_conffile.diff to account for upstream changes

Francois Marier francois at moszumanska.debian.org
Mon Dec 8 04:24:23 UTC 2014


This is an automated email from the git hooks/post-receive script.

francois pushed a commit to branch master
in repository rkhunter.

commit 6e588902851d0a29c75d4713ac273575d3276540
Author: Francois Marier <francois at debian.org>
Date:   Wed Oct 15 00:05:04 2014 +1300

    Update 05_custom_conffile.diff to account for upstream changes
---
 debian/changelog                       |   1 +
 debian/patches/05_custom_conffile.diff | 157 ++++++++++++++++-----------------
 2 files changed, 79 insertions(+), 79 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index ea95c17..360b965 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ rkhunter (1.4.2-0.1) unstable; urgency=medium
 
   * Non-maintainer upload.
   * New upstream version (closes: #743725, #751347)
+  * Update 05_custom_conffile.diff to account for upstream changes
 
  -- Francois Marier <francois at debian.org>  Tue, 14 Oct 2014 23:25:03 +1300
 
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 0135f1d..f10c57d 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -1,50 +1,57 @@
 Description: Custom configuration options for Debian package
 Author: Julien Valroff <julien at debian.org>
 Forwarded: not-needed
+Last-Update: 2014-10-14
 
 --- a/files/rkhunter.conf
 +++ b/files/rkhunter.conf
-@@ -99,17 +99,17 @@
- # important files will be written to this directory, so be
- # sure that the directory permissions are tight.
+@@ -154,7 +154,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
  #
 -#TMPDIR=/var/lib/rkhunter/tmp
 +TMPDIR=/var/lib/rkhunter/tmp
  
  #
- # Specify the database directory to use.
+ # This option specifies the database directory to use.
+@@ -163,7 +163,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
  #
 -#DBDIR=/var/lib/rkhunter/db
 +DBDIR=/var/lib/rkhunter/db
  
  #
- # Specify the script directory to use.
+ # This option specifies the script directory to use.
+@@ -171,7 +171,7 @@
+ # The installer program will set the default directory. If this default is
+ # subsequently commented out or removed, then the program will not run.
  #
 -#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
 +SCRIPTDIR=/usr/share/rkhunter/scripts
  
  #
- # This option can be used to modify the command directory list used
-@@ -255,8 +255,15 @@
- # Please read the README file for more details about enabling and disabling
- # tests, the test names, and how rkhunter behaves when these options are used.
+ # This option can be used to modify the command directory list used by rkhunter
+@@ -349,8 +349,15 @@ AUTO_X_DETECT=1
+ # either of the options below are specified, then they will override the
+ # program defaults.
  #
 +# hidden_procs test requires the unhide command which is part of the unhide
 +# package in Debian.
 +#
-+# apps test is disabled by default as it triggers warnings about outdated 
++# apps test is disabled by default as it triggers warnings about outdated
 +# applications (and warns about possible security risk: we better trust
 +# the Debian Security Team).
 +#
- ENABLE_TESTS="all"
--DISABLE_TESTS="suspscan hidden_ports hidden_procs deleted_files packet_cap_apps"
-+DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
+ ENABLE_TESTS=ALL
+-DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
++DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps
  
  #
- # The HASH_FUNC option can be used to specify the command to use
-@@ -324,6 +331,9 @@
+ # The HASH_CMD option can be used to specify the command to use for the file
+@@ -421,6 +428,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
- # Whenever this option is changed 'rkhunter --propupd' must be run.
+ # Also see the PKGMGR_NO_VRFY and USE_SUNSUM options.
  #
 +# NONE is the default for Debian as well, as running --propupd takes
 +# about 4 times longer when it's set to DPKG
@@ -52,12 +59,11 @@ Forwarded: not-needed
  #PKGMGR=NONE
  
  #
-@@ -466,8 +476,15 @@
- # be specified more than once. The option may use wildcard
- # characters.
+@@ -574,7 +584,15 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
--#SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
--#SCRIPTWHITELIST="/usr/bin/groups"
+ # The default value is the null string.
+ #
+-#SCRIPTWHITELIST=/usr/bin/groups
 +SCRIPTWHITELIST=/bin/egrep
 +SCRIPTWHITELIST=/bin/fgrep
 +SCRIPTWHITELIST=/bin/which
@@ -69,82 +75,75 @@ Forwarded: not-needed
 +#SCRIPTWHITELIST=/usr/bin/unhide.rb
  
  #
- # Allow the specified commands to have the immutable attribute set.
-@@ -492,11 +509,9 @@
- # may use wildcard characters.
- #
- #ALLOWHIDDENDIR="/etc/.java"
--#ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
- #ALLOWHIDDENDIR="/dev/.static"
--#ALLOWHIDDENDIR="/dev/.initramfs"
- #ALLOWHIDDENDIR="/dev/.SRC-unix"
--#ALLOWHIDDENDIR="/dev/.mdadm"
-+#ALLOWHIDDENDIR="/etc/.etckeeper"
+ # Allow the specified file to have the immutable attribute set.
+@@ -602,9 +620,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ # The default value is the null string.
+ #
+ #ALLOWHIDDENDIR=/etc/.java
+-#ALLOWHIDDENDIR=/dev/.udev
+-#ALLOWHIDDENDIR=/dev/.udevdb
+-#ALLOWHIDDENDIR=/dev/.mdadm
++#ALLOWHIDDENDIR=/etc/.etckeeper
  
  #
- # Allow the specified hidden files to be whitelisted.
-@@ -521,6 +536,9 @@
- #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
- #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
- #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
-+#ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.gz"
-+#ALLOWHIDDENFILE="/etc/.gitignore"
-+#ALLOWHIDDENFILE="/etc/.bzrignore"
+ # Allow the specified hidden file to be whitelisted.
+@@ -620,6 +636,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
+ #ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
++#ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++#ALLOWHIDDENFILE=/etc/.gitignore
++#ALLOWHIDDENFILE=/etc/.bzrignore
++
  
  #
- # Allow the specified processes to use deleted files. The
-@@ -535,8 +553,10 @@
- # characters, but only in the file names.
+ # Allow the specified process to use deleted files. The process name may be
+@@ -634,7 +654,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ # The default value is the null string.
  #
- #ALLOWPROCDELFILE="/sbin/cardmgr /usr/sbin/gpm:/etc/X11/abc"
--#ALLOWPROCDELFILE="/usr/libexec/gconfd-2"
-+#ALLOWPROCDELFILE="/usr/lib/libgconf2-4/gconfd-2"
- #ALLOWPROCDELFILE="/usr/sbin/mysqld:/tmp/ib*"
-+#ALLOWPROCDELFILE="/usr/lib/iceweasel/firefox-bin"
-+#ALLOWPROCDELFILE="/usr/bin/file-roller"
+ #ALLOWPROCDELFILE=/sbin/cardmgr
++#ALLOWPROCDELFILE=/usr/lib/libgconf2-4/gconfd-2
+ #ALLOWPROCDELFILE=/usr/sbin/mysqld:/tmp/ib*
++#ALLOWPROCDELFILE=/usr/lib/iceweasel/firefox-bin
++#ALLOWPROCDELFILE=/usr/bin/file-roller
  
  #
- # Allow the specified processes to listen on any network interface.
-@@ -547,7 +567,6 @@
- #ALLOWPROCLISTEN="/sbin/dhclient /usr/bin/dhcpcd"
- #ALLOWPROCLISTEN="/usr/sbin/pppoe /usr/sbin/tcpdump"
- #ALLOWPROCLISTEN="/usr/sbin/snort-plain"
--#ALLOWPROCLISTEN="/usr/local/bin/wpa_supplicant"
- 
+ # Allow the specified process to listen on any network interface.
+@@ -761,7 +784,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
- # Allow the specified network interfaces to be in promiscuous mode.
-@@ -647,7 +666,7 @@
- # The option may be specified more than once. The option may use
- # wildcard characters.
+ # This option has no default value.
  #
--#STARTUP_PATHS="/etc/rc.d /etc/rc.local"
-+#STARTUP_PATHS="/etc/init.d /etc/rc.local"
+-#STARTUP_PATHS=/etc/rc.d /etc/rc.local
++#STARTUP_PATHS=/etc/init.d /etc/rc.local
  
  #
- # This setting tells rkhunter the pathname to the file containing the
-@@ -668,7 +687,7 @@
- # NOTE: For *BSD systems you will probably need to use this option
- # for the 'toor' account.
+ # This option tells rkhunter the pathname to the file containing the user
+@@ -786,7 +809,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # The default value is the null string.
  #
--#UID0_ACCOUNTS="toor rooty"
-+#UID0_ACCOUNTS="toor rooty sashroot"
+-#UID0_ACCOUNTS=toor rooty
++#UID0_ACCOUNTS=toor rooty sashroot
  
  #
- # Allow the following accounts to have no password. NIS/YP entries do
-@@ -786,7 +805,7 @@
- # specified, then RKH will assume the O/S release information is on the
- # first non-blank line of the file.
+ # This option allows the specified accounts to have no password. NIS/YP entries
+@@ -941,7 +964,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
--#OS_VERSION_FILE="/etc/release"
-+#OS_VERSION_FILE="/etc/debian_version"
+ # Also see the WARN_ON_OS_CHANGE and UPDT_ON_OS_CHANGE options.
+ #
+-#OS_VERSION_FILE=/etc/release
++#OS_VERSION_FILE=/etc/debian_version
  
  #
- # The following two options can be used to whitelist files and directories
-@@ -979,4 +998,6 @@
- # of 2 will disable the Ruby 'unhide.rb' program. The default value is 0. To disable
- # both programs, then disable the 'hidden_procs' test.
+ # Set the following option to '0' if you do not want to receive a warning if any
+@@ -1178,7 +1201,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # The default value is '0'.
  #
 -#DISABLE_UNHIDE=0
 +DISABLE_UNHIDE=1
 +
-+INSTALLDIR="/usr"
++INSTALLDIR=/usr
+ 
+ #
+ # This option can be set to either '0' or '1'. If set to '1' then the summary,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/rkhunter.git



More information about the forensics-changes mailing list