svn commit: r443547 - in head/security/rkhunter: . files
Richard Gallamore
ultima at FreeBSD.org
Wed Jun 14 00:14:23 UTC 2017
Author: ultima
Date: Wed Jun 14 00:14:21 2017
New Revision: 443547
URL: https://svnweb.freebsd.org/changeset/ports/443547
Log:
* Add fetch function to rkhunter
* Remove wget as a dependency
* Added NO_ARCH
* Fixed portlint items
PR: 219825
Submitted by: Helge Oldach <freebsd at oldach.net>
Reviewed by: matthew (mentor)
Approved by: Lukasz Wasikowski <lukasz at wasikowski.net> (maintainer), matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D11168
Added:
head/security/rkhunter/files/patch-files_rkhunter (contents, props changed)
head/security/rkhunter/files/patch-files_rkhunter.conf (contents, props changed)
Deleted:
head/security/rkhunter/files/patch-files__rkhunter.conf
Modified:
head/security/rkhunter/Makefile
head/security/rkhunter/files/patch-installer.sh
head/security/rkhunter/pkg-plist
Modified: head/security/rkhunter/Makefile
==============================================================================
--- head/security/rkhunter/Makefile Tue Jun 13 22:49:20 2017 (r443546)
+++ head/security/rkhunter/Makefile Wed Jun 14 00:14:21 2017 (r443547)
@@ -3,7 +3,7 @@
PORTNAME= rkhunter
PORTVERSION= 1.4.2
-PORTREVISION= 3
+PORTREVISION= 4
CATEGORIES= security
MASTER_SITES= SF
@@ -15,12 +15,12 @@ LICENSE= GPLv2
OPTIONS_DEFINE= LSOF NMAP DOCS
OPTIONS_DEFAULT=LSOF
-RUN_DEPENDS+= p5-Digest-SHA1>=0:security/p5-Digest-SHA1 \
- ${LOCALBASE}/bin/wget:ftp/wget
+RUN_DEPENDS+= p5-Digest-SHA1>=0:security/p5-Digest-SHA1
USES= perl5 shebangfix
SHEBANG_FILES= files/check_modules.pl files/filehashsha.pl \
files/stat.pl
+NO_ARCH= yes
NO_BUILD= yes
SUB_FILES= 415.${PORTNAME}
Added: head/security/rkhunter/files/patch-files_rkhunter
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/rkhunter/files/patch-files_rkhunter Wed Jun 14 00:14:21 2017 (r443547)
@@ -0,0 +1,21 @@
+--- files/rkhunter.orig 2014-03-12 20:54:55 UTC
++++ files/rkhunter
+@@ -7275,6 +7275,9 @@ download_file() {
+ rm -f "${OUTPUT_FILE}" >/dev/null 2>&1
+
+ case "${RKHWEBCMD_BASE}" in
++ fetch)
++ CMD="${RKHWEBCMD} ${RKHWEBCMD_OPTS} -q -o \"${OUTPUT_FILE}\" ${MIRROR}${URL} 2>/dev/null"
++ ;;
+ wget)
+ CMD="${RKHWEBCMD} ${RKHWEBCMD_OPTS} -q -O \"${OUTPUT_FILE}\" ${MIRROR}${URL} 2>/dev/null"
+ ;;
+@@ -18557,7 +18560,7 @@ REQCMDS="awk cat chmod chown cp cut date egrep grep he
+ # List of commands used to download files from the web. This list is
+ # used by the '--update' and '--versioncheck' options. Preferred commands
+ # are listed first. This can be overridden by the config file.
+-WEBCMDLIST="wget curl elinks links lynx bget GET"
++WEBCMDLIST="fetch wget curl elinks links lynx bget GET"
+
+ RKHWEBCMD=""
+ RKHWEBCMD_OPTS=""
Added: head/security/rkhunter/files/patch-files_rkhunter.conf
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/rkhunter/files/patch-files_rkhunter.conf Wed Jun 14 00:14:21 2017 (r443547)
@@ -0,0 +1,82 @@
+--- files/rkhunter.conf.orig 2014-01-25 21:29:51 UTC
++++ files/rkhunter.conf
+@@ -154,7 +154,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#TMPDIR=/var/lib/rkhunter/tmp
++TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp
+
+ #
+ # This option specifies the database directory to use.
+@@ -163,7 +163,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#DBDIR=/var/lib/rkhunter/db
++DBDIR=RKHPREFIX/var/lib/rkhunter/db
+
+ #
+ # This option specifies the script directory to use.
+@@ -171,7 +171,7 @@
+ # The installer program will set the default directory. If this default is
+ # subsequently commented out or removed, then the program will not run.
+ #
+-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
++SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts
+
+ #
+ # This option can be used to modify the command directory list used by rkhunter
+@@ -303,7 +303,7 @@ AUTO_X_DETECT=1
+ #
+ # The default value is 'no'.
+ #
+-#ALLOW_SSH_ROOT_USER=no
++ALLOW_SSH_ROOT_USER=unset
+
+ #
+ # Set this option to '1' to allow the use of the SSH-1 protocol, but note
+@@ -317,7 +317,7 @@ AUTO_X_DETECT=1
+ #
+ # The default value is '0'.
+ #
+-#ALLOW_SSH_PROT_V1=0
++ALLOW_SSH_PROT_V1=2
+
+ #
+ # This setting tells rkhunter the directory containing the SSH configuration
+@@ -575,6 +575,8 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet
+ # The default value is the null string.
+ #
+ #SCRIPTWHITELIST=/usr/bin/groups
++SCRIPTWHITELIST=/usr/bin/whatis
++SCRIPTWHITELIST=/usr/sbin/adduser
+
+ #
+ # Allow the specified file to have the immutable attribute set.
+@@ -584,6 +586,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet
+ # The default value is the null string.
+ #
+ #IMMUTWHITELIST=/sbin/ifdown
++IMMUTWHITELIST=/usr/bin/login
++IMMUTWHITELIST=/usr/bin/passwd
++IMMUTWHITELIST=/usr/bin/su
++IMMUTWHITELIST=/sbin/init
+
+ #
+ # If this option is set to '1', then the immutable-bit test is reversed. That
+@@ -787,6 +793,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet
+ # The default value is the null string.
+ #
+ #UID0_ACCOUNTS=toor rooty
++UID0_ACCOUNTS=toor
+
+ #
+ # This option allows the specified accounts to have no password. NIS/YP entries
+@@ -1222,3 +1229,6 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet
+ #
+ #EMPTY_LOGFILES=""
+ #MISSING_LOGFILES=""
++
++INSTALLDIR=RKHPREFIX
++USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf
Modified: head/security/rkhunter/files/patch-installer.sh
==============================================================================
--- head/security/rkhunter/files/patch-installer.sh Tue Jun 13 22:49:20 2017 (r443546)
+++ head/security/rkhunter/files/patch-installer.sh Wed Jun 14 00:14:21 2017 (r443547)
@@ -1,6 +1,6 @@
---- ./installer.sh.orig 2012-04-27 00:10:12.000000000 +0200
-+++ ./installer.sh 2012-07-03 23:56:30.000000000 +0200
-@@ -392,7 +392,7 @@
+--- installer.sh.orig 2014-02-24 02:37:15 UTC
++++ installer.sh
+@@ -392,7 +392,7 @@ selectTemplate() { # Take input from the "--install pa
RKHINST_ETC_DIR="${SYSCONFIGDIR}"
RKHINST_BIN_DIR="${BINDIR}"
RKHINST_SCRIPT_DIR="${LIBDIR}/${APPNAME}/scripts"
@@ -9,7 +9,7 @@
if [ "${RKHINST_LAYOUT}" = "oldschool" ]; then
RKHINST_DB_DIR="${VARDIR}/${APPNAME}/db"
-@@ -406,12 +406,12 @@
+@@ -406,12 +406,12 @@ selectTemplate() { # Take input from the "--install pa
elif [ "${RKHINST_LAYOUT}" = "TXZ" ]; then
RKHINST_DB_DIR="${VARDIR}/lib/${APPNAME}/db"
RKHINST_TMP_DIR="${VARDIR}/lib/${APPNAME}/tmp"
@@ -24,11 +24,12 @@
fi
RKHINST_LANG_DIR="${RKHINST_DB_DIR}/i18n"
-@@ -1076,22 +1076,6 @@
+@@ -1099,22 +1099,6 @@ doRemove() {
+ fi
fi
done
-
-
+-
- # Application
- for FILE in ${RKHINST_BIN_FILES}; do
- if [ -f "${RKHINST_BIN_DIR}/${FILE}" ]; then
@@ -43,7 +44,6 @@
- fi
- done
-
--
+
# Configuration file
for FILE in ${RKHINST_ETC_FILE}; do
- if [ -f "${RKHINST_ETC_DIR}/${FILE}" ]; then
Modified: head/security/rkhunter/pkg-plist
==============================================================================
--- head/security/rkhunter/pkg-plist Tue Jun 13 22:49:20 2017 (r443546)
+++ head/security/rkhunter/pkg-plist Wed Jun 14 00:14:21 2017 (r443547)
@@ -30,8 +30,8 @@ var/lib/rkhunter/db/signatures/RKH_sshd.ldb
var/lib/rkhunter/db/signatures/RKH_turtle.ldb
var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb
var/lib/rkhunter/db/suspscan.dat
- at unexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true
- at unexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true
+ at postunexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true
+ at postunexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true
var/lib/rkhunter/tmp/group
var/lib/rkhunter/tmp/passwd
@dir(,,0750) lib/rkhunter/scripts
More information about the svn-ports-all
mailing list