[Forensics-changes] [rkhunter] 11/23: Suggest "ALLOWHIDDENDIR=/dev/.lxc" in config file (closes: #762877)

Francois Marier francois at moszumanska.debian.org
Sun Apr 26 22:28:56 UTC 2015 

This is an automated email from the git hooks/post-receive script.

francois pushed a commit to branch master
in repository rkhunter.

commit a8a72fcae4a976d78ce84609b69d724850bab168
Author: Francois Marier <francois at debian.org>
Date:   Sun Apr 26 00:43:13 2015 +1200

    Suggest "ALLOWHIDDENDIR=/dev/.lxc" in config file (closes: #762877)
---
 debian/changelog                       |  1 +
 debian/patches/05_custom_conffile.diff | 15 ++++++++-------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 28c227c..f1d673b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ rkhunter (1.4.2-1) unstable; urgency=medium
   * Comment out lwp-request in the config file (closes: #773974, #783069)
   * Fix config entries for etckeeper (closes: #779702)
   * Fix NONE/none and ALL/all mess in config file (closes: #780903)
+  * Suggest "ALLOWHIDDENDIR=/dev/.lxc" in config file (closes: #762877)
 
   * Bump Standards-Version up to 3.9.6
   * Bump debhelper compatibility to 9
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 5a8bc63..4523bc9 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -120,7 +120,7 @@ Last-Update: 2015-04-26
  
  #
  # Allow the specified file to have the immutable attribute set.
-@@ -602,9 +619,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -602,9 +619,8 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  # The default value is the null string.
  #
  #ALLOWHIDDENDIR=/etc/.java
@@ -128,10 +128,11 @@ Last-Update: 2015-04-26
 -#ALLOWHIDDENDIR=/dev/.udevdb
 -#ALLOWHIDDENDIR=/dev/.mdadm
 +#ALLOWHIDDENDIR=/etc/.git
++#ALLOWHIDDENDIR=/dev/.lxc
  
  #
  # Allow the specified hidden file to be whitelisted.
-@@ -620,6 +635,11 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -620,6 +636,11 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
  #ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
@@ -143,7 +144,7 @@ Last-Update: 2015-04-26
  
  #
  # Allow the specified process to use deleted files. The process name may be
-@@ -634,7 +654,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -634,7 +655,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  # The default value is the null string.
  #
  #ALLOWPROCDELFILE=/sbin/cardmgr
@@ -154,7 +155,7 @@ Last-Update: 2015-04-26
  
  #
  # Allow the specified process to listen on any network interface.
-@@ -761,7 +784,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -761,7 +785,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # This option has no default value.
  #
@@ -163,7 +164,7 @@ Last-Update: 2015-04-26
  
  #
  # This option tells rkhunter the pathname to the file containing the user
-@@ -786,7 +809,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -786,7 +810,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # The default value is the null string.
  #
@@ -172,7 +173,7 @@ Last-Update: 2015-04-26
  
  #
  # This option allows the specified accounts to have no password. NIS/YP entries
-@@ -941,7 +964,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -941,7 +965,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # Also see the WARN_ON_OS_CHANGE and UPDT_ON_OS_CHANGE options.
  #
@@ -181,7 +182,7 @@ Last-Update: 2015-04-26
  
  #
  # Set the following option to '0' if you do not want to receive a warning if any
-@@ -1178,7 +1201,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -1178,7 +1202,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # The default value is '0'.
  #

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/rkhunter.git

More information about the forensics-changes mailing list