summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Palimaka <kensington@gentoo.org>2018-03-18 10:52:36 +1100
committerMichael Palimaka <kensington@gentoo.org>2018-03-18 10:53:43 +1100
commit61e995b755727e286d140d8d721340959c434b6c (patch)
treea5ef43b95c0e3d06eaff0c0b507206b2f6b52c03 /app-forensics
parentapp-forensics/rkhunter: add myself as maintainer (diff)
downloadgentoo-61e995b755727e286d140d8d721340959c434b6c.tar.gz
gentoo-61e995b755727e286d140d8d721340959c434b6c.tar.bz2
gentoo-61e995b755727e286d140d8d721340959c434b6c.zip
app-forensics/rkhunter: version bump 1.4.6
Also, add a patch to disable insecure file downloads. Bug: https://bugs.gentoo.org/623150 Closes: https://bugs.gentoo.org/645454 Closes: https://bugs.gentoo.org/648470 Package-Manager: Portage-2.3.24, Repoman-2.3.6
Diffstat (limited to 'app-forensics')
-rw-r--r--app-forensics/rkhunter/Manifest1
-rw-r--r--app-forensics/rkhunter/files/rkhunter-1.4.6-conf.patch38
-rw-r--r--app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch46
-rw-r--r--app-forensics/rkhunter/rkhunter-1.4.6.ebuild63
4 files changed, 148 insertions, 0 deletions
diff --git a/app-forensics/rkhunter/Manifest b/app-forensics/rkhunter/Manifest
index 6b908c6c4895..5fa0e6267d27 100644
--- a/app-forensics/rkhunter/Manifest
+++ b/app-forensics/rkhunter/Manifest
@@ -1,2 +1,3 @@
DIST rkhunter-1.4.2.tar.gz 277707 BLAKE2B 97968801ce5dccefc7d5eb246fd8031091447b9090c5bc9b958ea64835c47661d1f40b5a6352e0c92608a514f237ac2946a7f84498915418581a71d16b497f61 SHA512 a4e45caaaf5b8262619ebb890784c75c4e30db4c6c0eba305f86d419142b4796c95bc55fe8846dce8d58bc7636bdb365a4a8c41707f64d4d81373687c5a3b0d4
DIST rkhunter-1.4.4.tar.gz 297626 BLAKE2B 9d9a50e3541817d8dfec6c76665ae84b92f49ed3128244cb5359f2149203ccdc7cdaa05db3da87f6aa6ee79fa84491f40cdc3443d77359b64c23947cb685516e SHA512 87e9c617220765678cc4519eee27d1d56185c3a7fb1d6338c8fb984ac4f5176c31bb54b69e1de615d66a0cf1e72b672e66b368e37851a459def69463cbb8661e
+DIST rkhunter-1.4.6.tar.gz 302137 BLAKE2B 89c61386b57f743f4205f8c826eaa8a9dc9a0d413ac47efb26b6f93d8d642f619f35b7a4c021521b662547c02a16071b8980d158cfb9e081a64870558dbaeff0 SHA512 c51a21b6b66ed1f73a19d8ce04eaba35999eefcb666acc824989c3bf53ac56d24a33ac4fec290be942e33fe24674406b371eafff73f7e697b9e03ec031b37216
diff --git a/app-forensics/rkhunter/files/rkhunter-1.4.6-conf.patch b/app-forensics/rkhunter/files/rkhunter-1.4.6-conf.patch
new file mode 100644
index 000000000000..5642436ed412
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.4.6-conf.patch
@@ -0,0 +1,38 @@
+
+--- a/rkhunter.conf
++++ b/rkhunter.conf
+@@ -72,6 +72,7 @@
+ # to use.
+ #
+
++INSTALLDIR=/usr
+
+ #
+ # If this option is set to '1', it specifies that the mirrors file
+@@ -154,7 +155,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#TMPDIR=/var/lib/rkhunter/tmp
++TMPDIR=/var/lib/rkhunter
+
+ #
+ # This option specifies the database directory to use.
+@@ -163,7 +164,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#DBDIR=/var/lib/rkhunter/db
++DBDIR=/var/lib/rkhunter/db
+
+ #
+ # This option specifies the script directory to use.
+@@ -171,7 +172,7 @@
+ # The installer program will set the default directory. If this default is
+ # subsequently commented out or removed, then the program will not run.
+ #
+-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
++SCRIPTDIR=/usr/lib/rkhunter/scripts
+
+ #
+ # This option can be used to modify the command directory list used by rkhunter
diff --git a/app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch b/app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch
new file mode 100644
index 000000000000..ed3b68c669bc
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch
@@ -0,0 +1,46 @@
+Disable insecure web operations (CVE-2017-7480).
+
+Bug: https://bugs.gentoo.org/623150
+
+--- a/rkhunter
++++ b/rkhunter
+@@ -19462,7 +19462,7 @@
+ #
+
+ echo $ECHOOPT ""
+- echo $ECHOOPT "Usage: rkhunter {--check | --unlock | --update | --versioncheck |"
++ echo $ECHOOPT "Usage: rkhunter {--check | --unlock |"
+ echo $ECHOOPT " --propupd [{filename | directory | package name},...] |"
+ echo $ECHOOPT " --list [{tests | {lang | languages} | rootkits | perl | propfiles}] |"
+ echo $ECHOOPT " --config-check | --version | --help} [options]"
+@@ -19518,10 +19518,8 @@
+ echo $ECHOOPT " (Default level is $SYSLOG_DFLT_PRIO)"
+ echo $ECHOOPT " --tmpdir <directory> Use the specified temporary directory"
+ echo $ECHOOPT " --unlock Unlock (remove) the lock file"
+- echo $ECHOOPT " --update Check for updates to database files"
+ echo $ECHOOPT " --vl, --verbose-logging Use verbose logging (on by default)"
+ echo $ECHOOPT " -V, --version Display the version number, then exit"
+- echo $ECHOOPT " --versioncheck Check for latest version of program"
+ echo $ECHOOPT " -x, --autox Automatically detect if X is in use"
+ echo $ECHOOPT " -X, --no-autox Do not automatically detect if X is in use"
+ echo $ECHOOPT ""
+@@ -20396,9 +20394,6 @@
+ --unlock)
+ UNLOCK=1
+ ;;
+- --update)
+- UPDATE=1
+- ;;
+ --vl | --verboselogging | --verbose-logging)
+ VERBOSE_LOGGING=1
+ ;;
+@@ -20407,9 +20402,6 @@
+ echo "${PROGRAM_blurb}"
+ exit 0
+ ;;
+- --versioncheck | --version-check)
+- VERSIONCHECK=1
+- ;;
+ -x | --autox)
+ AUTO_X_OPT=1
+ AUTO_X_DTCT=1
diff --git a/app-forensics/rkhunter/rkhunter-1.4.6.ebuild b/app-forensics/rkhunter/rkhunter-1.4.6.ebuild
new file mode 100644
index 000000000000..149c587a14b8
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.4.6.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit bash-completion-r1
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers"
+HOMEPAGE="http://rkhunter.sf.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~mips ~ppc ~x86"
+IUSE=""
+
+RDEPEND="
+ app-shells/bash
+ dev-lang/perl
+ sys-process/lsof[rpc]
+"
+
+S="${WORKDIR}/${P}/files"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.4.6-conf.patch"
+ "${FILESDIR}/${PN}-1.4.6-no-insecure-web.patch"
+)
+
+src_install() {
+ # rkhunter requires to be root
+ dosbin ${PN}
+
+ insinto /etc
+ doins ${PN}.conf
+
+ exeinto /usr/lib/${PN}/scripts
+ doexe *.pl
+
+ insinto /var/lib/${PN}/db
+ doins *.dat
+
+ insinto /var/lib/${PN}/db/i18n
+ doins i18n/*
+
+ doman ${PN}.8
+ dodoc ACKNOWLEDGMENTS CHANGELOG FAQ README
+
+ exeinto /etc/cron.daily
+ newexe "${FILESDIR}/${PN}-1.3.cron" ${PN}
+
+ newbashcomp "${FILESDIR}/${PN}.bash-completion" ${PN}
+}
+
+pkg_postinst() {
+ elog "A cron script has been installed to /etc/cron.daily/rkhunter."
+ elog "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+ elog "directions."
+ elog "If you want ${PN} to send mail, you will need to install"
+ elog "virtual/mailx or alter the EMAIL_CMD variable in the"
+ elog "cron script and possibly the MAIL_CMD variable in the"
+ elog "${PN}.conf file to use another mail client."
+}