[Forensics-changes] [rkhunter] 06/23: Better default configuration (closes: #765898)
Francois Marier
francois at moszumanska.debian.org
Sun Apr 26 22:28:55 UTC 2015
This is an automated email from the git hooks/post-receive script.
francois pushed a commit to branch master
in repository rkhunter.
commit ec99ad644f61142f54ba63693186bc601b53c8bf
Author: Francois Marier <francois at debian.org>
Date: Sun Apr 26 00:15:08 2015 +1200
Better default configuration (closes: #765898)
---
debian/changelog | 1 +
debian/patches/05_custom_conffile.diff | 41 ++++++++++++++++++++++++++++------
2 files changed, 35 insertions(+), 7 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 8686cd4..e94e0d2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ rkhunter (1.4.2-1) unstable; urgency=medium
* Acknowledge my own NMUs (closes: #765351, #765912, #768396, #771477)
* Recommend both unhide and unhide.rb (closes: #765901)
+ * Better default configuration (closes: #765898)
* Bump Standards-Version up to 3.9.6
* Bump debhelper compatibility to 9
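Review bot: The changelog line added here, "Better default configuration", does not say which defaults changed. The same commit activates MAIL-ON-WARNING=root, USE_SYSLOG=authpriv.warning and HASH_CMD=sha256sum and drops a SCRIPTWHITELIST entry, so consider listing those as sub-items so that an administrator reading the changelog on upgrade knows what behaviour to expect.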
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 975f4ba..62e6b3e 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -1,10 +1,19 @@
Description: Custom configuration options for Debian package
-Author: Julien Valroff <julien at debian.org>
+Author: Francois Marier <francois at debian.org>
Forwarded: not-needed
-Last-Update: 2014-10-14
+Last-Update: 2015-04-26
--- a/files/rkhunter.conf
+++ b/files/rkhunter.conf
+@@ -130,7 +130,7 @@
+ #
+ # Also see the MAIL_CMD option.
+ #
+-#MAIL-ON-WARNING=me at mydomain root at mydomain
++MAIL-ON-WARNING=root
+
+ #
+ # This option specifies the mail command to use if MAIL-ON-WARNING is set.
@@ -154,7 +154,7 @@
# subsequently commented out or removed, then the program will assume a
# default directory beneath the installation directory.
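Review bot: Activating MAIL-ON-WARNING=root in the first inner hunk makes warning delivery depend on local mail for root, and the context line just above it points at MAIL_CMD, which this patch does not touch. Please state in the patch Description that a working local MTA or root alias is assumed, since on a host without one the mail may go nowhere. Separately, the header change replaces "Author: Julien Valroff" with "Author: Francois Marier" instead of adding a second Author line, which drops the attribution for the parts of the patch that predate this commit.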
@@ -32,6 +41,15 @@ Last-Update: 2014-10-14
#
# This option can be used to modify the command directory list used by rkhunter
+@@ -264,7 +264,7 @@ LOGFILE=/var/log/rkhunter.log
+ #
+ # The default value is not to use syslog.
+ #
+-#USE_SYSLOG=authpriv.notice
++USE_SYSLOG=authpriv.warning
+
+ #
+ # Set the following option to '1' if the second colour set is to be used. This
@@ -349,8 +349,15 @@ AUTO_X_DETECT=1
# either of the options below are specified, then they will override the
# program defaults.
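Review bot: The new USE_SYSLOG=authpriv.warning line both turns syslog on and picks a different priority from the commented upstream example (authpriv.notice), and neither choice is explained. The retained comment "The default value is not to use syslog." now sits directly above an active setting, so a one-line Debian-specific comment giving the reason for warning over notice would help anyone whose syslog rules or log monitoring filter authpriv by priority.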
@@ -49,6 +67,15 @@ Last-Update: 2014-10-14
#
# The HASH_CMD option can be used to specify the command to use for the file
+@@ -381,7 +388,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # Also see the HASH_FLD_IDX option.
+ #
+-#HASH_CMD=sha1sum
++HASH_CMD=sha256sum
+
+ #
+ # The HASH_FLD_IDX option specifies which field from the HASH_CMD command
@@ -421,6 +428,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
# Also see the PKGMGR_NO_VRFY and USE_SUNSUM options.
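Review bot: Setting HASH_CMD=sha256sum changes the command used for file hashes, but nothing in the visible change tells existing installations that their stored hashes may have been produced by a different command. Please document the upgrade step in the changelog or NEWS.Debian: regenerate the stored file properties with rkhunter --propupd, after confirming the system is in a known-good state. HASH_FLD_IDX, referenced in the context lines, should not need to change, since sha256sum prints the digest in the same field as sha1sum.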
@@ -59,7 +86,7 @@ Last-Update: 2014-10-14
#PKGMGR=NONE
#
-@@ -574,7 +584,15 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -574,7 +584,14 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#
# The default value is the null string.
#
@@ -67,7 +94,6 @@ Last-Update: 2014-10-14
+SCRIPTWHITELIST=/bin/egrep
+SCRIPTWHITELIST=/bin/fgrep
+SCRIPTWHITELIST=/bin/which
-+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/lwp-request
+SCRIPTWHITELIST=/usr/sbin/adduser
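Review bot: The SCRIPTWHITELIST=/usr/bin/groups entry is dropped here with no reason given in the changelog or the patch Description. If groups is still a script on any release this package targets, rkhunter will start warning about it, and with MAIL-ON-WARNING=root now active that warning becomes mail to root. A short note on why the entry is no longer needed would settle it.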
@@ -76,7 +102,7 @@ Last-Update: 2014-10-14
#
# Allow the specified file to have the immutable attribute set.
-@@ -602,9 +620,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -602,9 +619,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
# The default value is the null string.
#
#ALLOWHIDDENDIR=/etc/.java
@@ -87,11 +113,12 @@ Last-Update: 2014-10-14
#
# Allow the specified hidden file to be whitelisted.
-@@ -620,6 +636,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -620,6 +635,11 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
#ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
#ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
#ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+#ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++#ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz
+#ALLOWHIDDENFILE=/etc/.gitignore
+#ALLOWHIDDENFILE=/etc/.bzrignore
+
@@ -104,7 +131,7 @@ Last-Update: 2014-10-14
#ALLOWPROCDELFILE=/sbin/cardmgr
+#ALLOWPROCDELFILE=/usr/lib/libgconf2-4/gconfd-2
#ALLOWPROCDELFILE=/usr/sbin/mysqld:/tmp/ib*
-+#ALLOWPROCDELFILE=/usr/lib/iceweasel/firefox-bin
++#ALLOWPROCDELFILE=/usr/lib/iceweasel/iceweasel
+#ALLOWPROCDELFILE=/usr/bin/file-roller
#
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/rkhunter.git