summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Palimaka <kensington@gentoo.org>2018-05-26 20:28:38 +1000
committerMichael Palimaka <kensington@gentoo.org>2018-05-26 20:29:02 +1000
commit279eb849abb2875b3f3181a4a1b3e47b24c5643a (patch)
tree735268b2325ade3882448202b40fb49792904ea1 /app-forensics
parentsys-apps/pcmciautils: Drop old (diff)
downloadgentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.tar.gz
gentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.tar.bz2
gentoo-279eb849abb2875b3f3181a4a1b3e47b24c5643a.zip
app-forensics/rkhunter: revbump removes update option from cron file
Closes: https://bugs.gentoo.org/651980 Package-Manager: Portage-2.3.31, Repoman-2.3.9
Diffstat (limited to 'app-forensics')
-rw-r--r--app-forensics/rkhunter/files/rkhunter-1.4.cron134
-rw-r--r--app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild63
2 files changed, 197 insertions, 0 deletions
diff --git a/app-forensics/rkhunter/files/rkhunter-1.4.cron b/app-forensics/rkhunter/files/rkhunter-1.4.cron
new file mode 100644
index 000000000000..6c73305d3e8c
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.4.cron
@@ -0,0 +1,134 @@
+#!/bin/bash
+# original author: Aaron Walker <ka0ttic@gentoo.org>
+
+########################## Begin Configuration ###############################
+
+# Default options - more options may be added depending on the
+# configuration variables you set below
+# --cronjob implies -c, --nocolor, --sk
+RKHUNTER_OPTS="--cronjob --summary"
+
+# Set this to 'yes' to enable ; this script does nothing otherwise
+ENABLE=no
+
+# Automatically update rkhunter's dat files prior to running?
+UPDATE=no
+
+# Set this to 'yes' if you wish the output to be mailed to you
+SEND_EMAIL=no
+
+# NOTE: the following EMAIL_* variables are only relevant if you set the
+# SEND_EMAIL variable to 'yes'
+EMAIL_SUBJECT="${HOSTNAME}: rkhunter output"
+EMAIL_RECIPIENT=root
+EMAIL_CMD="|mail -s \"${EMAIL_SUBJECT}\" ${EMAIL_RECIPIENT}"
+
+# Log rkhunter output?
+LOG=no
+
+# The default log location is /var/log/rkhunter.log. Set this variable if
+# you'd like to use an alternate location.
+#LOGFILE=""
+
+# By default, the log file created by rkhunter is world-readable (0644). If
+# you'd like to modify the permissions afterwards, set this variable. The
+# value of this variable, must be a valid chmod argument such as '0600' or
+# 'u+rw,go-rwx'. See the chmod(1) manual page for more information.
+#LOGFILE_PERMS="0600"
+
+# By default, rkhunter overwrites the previous log. Set this variable
+# to 'yes' if you'd like the log output appended to the logfile, instead
+# of overwriting it.
+SAVE_OLD_LOGS=no
+
+# Set to 1 to recieve only warnings & errors
+# Set to 2 to recieve ALL rkhunter output
+# Set to 3 to recieve rkhunter report
+VERBOSITY=3
+
+########################### End Configuration ################################
+
+# exit immediately, unless enabled
+[[ "${ENABLE}" == "yes" ]] || exit 0
+
+# debug mode? (mainly for my benefit)
+if [[ -n "${1}" ]] && [[ ${1} = "-d" ]] ; then
+ set -o verbose -o xtrace
+fi
+
+[[ -z "${LOGFILE}" ]] && LOGFILE="/var/log/rkhunter.log"
+
+# moved this out of config section since it'll
+# probably never need to be changed
+RKHUNTER_EXEC="/usr/sbin/rkhunter"
+
+# sanity check
+if [[ ! -x "${RKHUNTER_EXEC}" ]] ; then
+ echo "${RKHUNTER_EXEC} does not exist or is not executable!"
+ exit 1
+fi
+
+# we create a few tmp files, so let's at least make
+# them readable/writable by root only
+umask 0077
+
+# all output goes to this temp file
+_tmpout=$(mktemp /tmp/rkhunter.cron.XXXXXX)
+exec > ${_tmpout} 2>&1
+
+# update data files
+if [[ "${UPDATE}" == "yes" ]] ; then
+ # save the output of --update in a tmp file so that it can be mailed
+ # along with the scan output; otherwise the user will get 2 mails
+ #${RKHUNTER_EXEC} --nocolor --update
+ echo "In Gentoo, update option is disabled due to CVE-2017-7480."
+fi
+
+# formulate options string according to user configuration
+[[ "${LOG}" == "yes" ]] && \
+ RKHUNTER_OPTS="${RKHUNTER_OPTS} --createlogfile ${LOGFILE}"
+
+case "${VERBOSITY}" in
+ # warnings and errors only
+ 1) RKHUNTER_OPTS="${RKHUNTER_OPTS} --quiet" ;;
+ # default rkhunter output (no extra options)
+# 2) ;;
+ # default to option 3
+ *) ;;
+esac
+
+# save old log
+if [[ "${LOG}" == "yes" && "${SAVE_OLD_LOGS}" == "yes" ]] ; then
+ if [[ -e "${LOGFILE}" ]] ; then
+ _tmpfile=$(mktemp ${LOGFILE}.XXXXXX)
+ mv -f ${LOGFILE} ${_tmpfile}
+ echo -e "--\nrkhunter.cron commencing at: $(date)\n--" >> ${_tmpfile}
+ fi
+fi
+
+# finally, run rkhunter
+CMD="${RKHUNTER_EXEC} ${RKHUNTER_OPTS}"
+eval ${CMD}
+RV=$?
+
+# email output?
+if [[ "${SEND_EMAIL}" == "yes" ]] ; then
+ CMD="cat ${_tmpout} ${EMAIL_CMD}"
+ eval ${CMD}
+fi
+
+# remove temp file
+[[ -n "${_tmpout}" ]] && rm -f ${_tmpout}
+
+[[ "${LOG}" != "yes" ]] && exit ${RV}
+
+# from this point on, we can assume logging is enabled
+
+# append new log to old log and restore
+if [[ -n "${_tmpfile}" ]] ; then
+ cat ${LOGFILE} >> ${_tmpfile}
+ mv ${_tmpfile} ${LOGFILE}
+fi
+
+chmod ${LOGFILE_PERMS:-0644} ${LOGFILE}
+exit ${RV}
diff --git a/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild b/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild
new file mode 100644
index 000000000000..e292e6dde3a9
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit bash-completion-r1
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers"
+HOMEPAGE="http://rkhunter.sf.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~mips ~ppc ~x86"
+IUSE=""
+
+RDEPEND="
+ app-shells/bash
+ dev-lang/perl
+ sys-process/lsof[rpc]
+"
+
+S="${WORKDIR}/${P}/files"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.4.6-conf.patch"
+ "${FILESDIR}/${PN}-1.4.6-no-insecure-web.patch"
+)
+
+src_install() {
+ # rkhunter requires to be root
+ dosbin ${PN}
+
+ insinto /etc
+ doins ${PN}.conf
+
+ exeinto /usr/lib/${PN}/scripts
+ doexe *.pl
+
+ insinto /var/lib/${PN}/db
+ doins *.dat
+
+ insinto /var/lib/${PN}/db/i18n
+ doins i18n/*
+
+ doman ${PN}.8
+ dodoc ACKNOWLEDGMENTS CHANGELOG FAQ README
+
+ exeinto /etc/cron.daily
+ newexe "${FILESDIR}/${PN}-1.4.cron" ${PN}
+
+ newbashcomp "${FILESDIR}/${PN}.bash-completion" ${PN}
+}
+
+pkg_postinst() {
+ elog "A cron script has been installed to /etc/cron.daily/rkhunter."
+ elog "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+ elog "directions."
+ elog "If you want ${PN} to send mail, you will need to install"
+ elog "virtual/mailx or alter the EMAIL_CMD variable in the"
+ elog "cron script and possibly the MAIL_CMD variable in the"
+ elog "${PN}.conf file to use another mail client."
+}