diff options
author | Michael Palimaka <kensington@gentoo.org> | 2018-05-26 20:28:38 +1000 |
---|---|---|
committer | Michael Palimaka <kensington@gentoo.org> | 2018-05-26 20:29:02 +1000 |
commit | 279eb849abb2875b3f3181a4a1b3e47b24c5643a (patch) | |
tree | 735268b2325ade3882448202b40fb49792904ea1 /app-forensics | |
parent | sys-apps/pcmciautils: Drop old (diff) | |
download | gentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.tar.gz gentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.tar.bz2 gentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.zip |
app-forensics/rkhunter: revbump removes update option from cron file
Closes: https://bugs.gentoo.org/651980
Package-Manager: Portage-2.3.31, Repoman-2.3.9
Diffstat (limited to 'app-forensics')
-rw-r--r-- | app-forensics/rkhunter/files/rkhunter-1.4.cron | 134 | ||||
-rw-r--r-- | app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild | 63 |
2 files changed, 197 insertions, 0 deletions
diff --git a/app-forensics/rkhunter/files/rkhunter-1.4.cron b/app-forensics/rkhunter/files/rkhunter-1.4.cron new file mode 100644 index 000000000000..6c73305d3e8c --- /dev/null +++ b/app-forensics/rkhunter/files/rkhunter-1.4.cron @@ -0,0 +1,134 @@ +#!/bin/bash +# original author: Aaron Walker <ka0ttic@gentoo.org> + +########################## Begin Configuration ############################### + +# Default options - more options may be added depending on the +# configuration variables you set below +# --cronjob implies -c, --nocolor, --sk +RKHUNTER_OPTS="--cronjob --summary" + +# Set this to 'yes' to enable ; this script does nothing otherwise +ENABLE=no + +# Automatically update rkhunter's dat files prior to running? +UPDATE=no + +# Set this to 'yes' if you wish the output to be mailed to you +SEND_EMAIL=no + +# NOTE: the following EMAIL_* variables are only relevant if you set the +# SEND_EMAIL variable to 'yes' +EMAIL_SUBJECT="${HOSTNAME}: rkhunter output" +EMAIL_RECIPIENT=root +EMAIL_CMD="|mail -s \"${EMAIL_SUBJECT}\" ${EMAIL_RECIPIENT}" + +# Log rkhunter output? +LOG=no + +# The default log location is /var/log/rkhunter.log. Set this variable if +# you'd like to use an alternate location. +#LOGFILE="" + +# By default, the log file created by rkhunter is world-readable (0644). If +# you'd like to modify the permissions afterwards, set this variable. The +# value of this variable, must be a valid chmod argument such as '0600' or +# 'u+rw,go-rwx'. See the chmod(1) manual page for more information. +#LOGFILE_PERMS="0600" + +# By default, rkhunter overwrites the previous log. Set this variable +# to 'yes' if you'd like the log output appended to the logfile, instead +# of overwriting it. +SAVE_OLD_LOGS=no + +# Set to 1 to recieve only warnings & errors +# Set to 2 to recieve ALL rkhunter output +# Set to 3 to recieve rkhunter report +VERBOSITY=3 + +########################### End Configuration ################################ + +# exit immediately, unless enabled +[[ "${ENABLE}" == "yes" ]] || exit 0 + +# debug mode? (mainly for my benefit) +if [[ -n "${1}" ]] && [[ ${1} = "-d" ]] ; then + set -o verbose -o xtrace +fi + +[[ -z "${LOGFILE}" ]] && LOGFILE="/var/log/rkhunter.log" + +# moved this out of config section since it'll +# probably never need to be changed +RKHUNTER_EXEC="/usr/sbin/rkhunter" + +# sanity check +if [[ ! -x "${RKHUNTER_EXEC}" ]] ; then + echo "${RKHUNTER_EXEC} does not exist or is not executable!" + exit 1 +fi + +# we create a few tmp files, so let's at least make +# them readable/writable by root only +umask 0077 + +# all output goes to this temp file +_tmpout=$(mktemp /tmp/rkhunter.cron.XXXXXX) +exec > ${_tmpout} 2>&1 + +# update data files +if [[ "${UPDATE}" == "yes" ]] ; then + # save the output of --update in a tmp file so that it can be mailed + # along with the scan output; otherwise the user will get 2 mails + #${RKHUNTER_EXEC} --nocolor --update + echo "In Gentoo, update option is disabled due to CVE-2017-7480." +fi + +# formulate options string according to user configuration +[[ "${LOG}" == "yes" ]] && \ + RKHUNTER_OPTS="${RKHUNTER_OPTS} --createlogfile ${LOGFILE}" + +case "${VERBOSITY}" in + # warnings and errors only + 1) RKHUNTER_OPTS="${RKHUNTER_OPTS} --quiet" ;; + # default rkhunter output (no extra options) +# 2) ;; + # default to option 3 + *) ;; +esac + +# save old log +if [[ "${LOG}" == "yes" && "${SAVE_OLD_LOGS}" == "yes" ]] ; then + if [[ -e "${LOGFILE}" ]] ; then + _tmpfile=$(mktemp ${LOGFILE}.XXXXXX) + mv -f ${LOGFILE} ${_tmpfile} + echo -e "--\nrkhunter.cron commencing at: $(date)\n--" >> ${_tmpfile} + fi +fi + +# finally, run rkhunter +CMD="${RKHUNTER_EXEC} ${RKHUNTER_OPTS}" +eval ${CMD} +RV=$? + +# email output? +if [[ "${SEND_EMAIL}" == "yes" ]] ; then + CMD="cat ${_tmpout} ${EMAIL_CMD}" + eval ${CMD} +fi + +# remove temp file +[[ -n "${_tmpout}" ]] && rm -f ${_tmpout} + +[[ "${LOG}" != "yes" ]] && exit ${RV} + +# from this point on, we can assume logging is enabled + +# append new log to old log and restore +if [[ -n "${_tmpfile}" ]] ; then + cat ${LOGFILE} >> ${_tmpfile} + mv ${_tmpfile} ${LOGFILE} +fi + +chmod ${LOGFILE_PERMS:-0644} ${LOGFILE} +exit ${RV} diff --git a/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild b/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild new file mode 100644 index 000000000000..e292e6dde3a9 --- /dev/null +++ b/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit bash-completion-r1 + +DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers" +HOMEPAGE="http://rkhunter.sf.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~mips ~ppc ~x86" +IUSE="" + +RDEPEND=" + app-shells/bash + dev-lang/perl + sys-process/lsof[rpc] +" + +S="${WORKDIR}/${P}/files" + +PATCHES=( + "${FILESDIR}/${PN}-1.4.6-conf.patch" + "${FILESDIR}/${PN}-1.4.6-no-insecure-web.patch" +) + +src_install() { + # rkhunter requires to be root + dosbin ${PN} + + insinto /etc + doins ${PN}.conf + + exeinto /usr/lib/${PN}/scripts + doexe *.pl + + insinto /var/lib/${PN}/db + doins *.dat + + insinto /var/lib/${PN}/db/i18n + doins i18n/* + + doman ${PN}.8 + dodoc ACKNOWLEDGMENTS CHANGELOG FAQ README + + exeinto /etc/cron.daily + newexe "${FILESDIR}/${PN}-1.4.cron" ${PN} + + newbashcomp "${FILESDIR}/${PN}.bash-completion" ${PN} +} + +pkg_postinst() { + elog "A cron script has been installed to /etc/cron.daily/rkhunter." + elog "To enable it, edit /etc/cron.daily/rkhunter and follow the" + elog "directions." + elog "If you want ${PN} to send mail, you will need to install" + elog "virtual/mailx or alter the EMAIL_CMD variable in the" + elog "cron script and possibly the MAIL_CMD variable in the" + elog "${PN}.conf file to use another mail client." +} |