Attachment #145707 for bug #191842

Lines 6-12 Link Here

(-)Makefile (-3 / +5 lines)
6	CATEGORIES= security	6	CATEGORIES= security
7	MASTER_SITES= SF	7	MASTER_SITES= SF
8		8
9	MAINTAINER= ports@FreeBSD.org	9	MAINTAINER= lukasz@wasikowski.net
10	COMMENT= Rootkit detection tool	10	COMMENT= Rootkit detection tool
11		11
12	LICENSE= GPLv2	12	LICENSE= GPLv2
Lines 27-34 Link Here
27	NMAP_RUN_DEPENDS= nmap:${PORTSDIR}/security/nmap	27	NMAP_RUN_DEPENDS= nmap:${PORTSDIR}/security/nmap
28		28
29	post-patch:	29	post-patch:
30	@${REINPLACE_CMD} -e 's\|{SHAREDIR}/man/man8\|{PREFIX}/man/man8\|g' \	30	@${REINPLACE_CMD} -i '' -e 's\|{SHAREDIR}/man/man8\|{PREFIX}/man/man8\|g' \
31	${WRKSRC}/installer.sh	31	${WRKSRC}/installer.sh
		32	@${REINPLACE_CMD} -i '' -e 's\|RKHPREFIX\|${PREFIX}\|g' \
		33	${WRKSRC}/files/${PORTNAME}.conf
32		34
33	do-install:	35	do-install:
34	cd ${WRKSRC} && ./installer.sh --layout custom ${STAGEDIR}${PREFIX} --install	36	cd ${WRKSRC} && ./installer.sh --layout custom ${STAGEDIR}${PREFIX} --install
Lines 40-46 Link Here
40	${INSTALL_DATA} ${PORTDOCS:S\|^\|${WRKSRC}/files/\|} ${STAGEDIR}${DOCSDIR}	42	${INSTALL_DATA} ${PORTDOCS:S\|^\|${WRKSRC}/files/\|} ${STAGEDIR}${DOCSDIR}
41		43
42	post-install:	44	post-install:
43	${REINPLACE_CMD} -i '' -e 's,${STAGEDIR},,' \	45	@${REINPLACE_CMD} -i '' -e 's\|${STAGEDIR}\|\|g' \
44	${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf	46	${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf
45	${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample	47	${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
46	${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample	48	${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample




--- files/rkhunter.conf.orig	2014-01-25 22:29:51.000000000 +0100
+++ files/rkhunter.conf	2014-08-11 23:18:14.887973000 +0200
@@ -154,7 +154,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp
 
 #
 # This option specifies the database directory to use.
@@ -163,7 +163,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#DBDIR=/var/lib/rkhunter/db
+DBDIR=RKHPREFIX/var/lib/rkhunter/db
 
 #
 # This option specifies the script directory to use.
@@ -171,7 +171,7 @@
 # The installer program will set the default directory. If this default is
 # subsequently commented out or removed, then the program will not run.
 #
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts
 
 #
 # This option can be used to modify the command directory list used by rkhunter
@@ -303,7 +303,7 @@
 #
 # The default value is 'no'.
 #
-#ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=unset
 
 #
 # Set this option to '1' to allow the use of the SSH-1 protocol, but note
@@ -317,7 +317,7 @@
 #
 # The default value is '0'.
 #
-#ALLOW_SSH_PROT_V1=0
+ALLOW_SSH_PROT_V1=2
 
 #
 # This setting tells rkhunter the directory containing the SSH configuration
@@ -575,6 +575,8 @@
 # The default value is the null string.
 #
 #SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/sbin/adduser
+SCRIPTWHITELIST=/usr/local/bin/GET
+SCRIPTWHITELIST=/usr/local/sbin/pkgdb
 
 #
 # Allow the specified file to have the immutable attribute set.
@@ -584,6 +586,10 @@
 # The default value is the null string.
 #
 #IMMUTWHITELIST=/sbin/ifdown

 
 #
 # If this option is set to '1', then the immutable-bit test is reversed. That
@@ -787,6 +793,7 @@
 # The default value is the null string.
 #
 #UID0_ACCOUNTS=toor rooty

 
 #
 # This option allows the specified accounts to have no password. NIS/YP entries
@@ -1222,3 +1229,6 @@
 #
 #EMPTY_LOGFILES=""
 #MISSING_LOGFILES=""
+
+INSTALLDIR=RKHPREFIX
+USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf

Return to bug 191842

Lines 1-17 Link Here

(-)files/patch-files__rkhunter.conf (-7 / +57 lines)
1	--- files/rkhunter.conf.orig 2014-06-06 09:59:35.000000000 -0400	1	--- files/rkhunter.conf.orig 2014-01-25 22:29:51.000000000 +0100
2	+++ files/rkhunter.conf 2014-06-06 10:01:32.000000000 -0400	2	+++ files/rkhunter.conf 2014-08-11 23:18:14.887973000 +0200
3	@@ -575,6 +575,10 @@	3	@@ -154,7 +154,7 @@
		4	# subsequently commented out or removed, then the program will assume a
		5	# default directory beneath the installation directory.
		6	#
		7	-#TMPDIR=/var/lib/rkhunter/tmp
		8	+TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp
		9
		10	#
		11	# This option specifies the database directory to use.
		12	@@ -163,7 +163,7 @@
		13	# subsequently commented out or removed, then the program will assume a
		14	# default directory beneath the installation directory.
		15	#
		16	-#DBDIR=/var/lib/rkhunter/db
		17	+DBDIR=RKHPREFIX/var/lib/rkhunter/db
		18
		19	#
		20	# This option specifies the script directory to use.
		21	@@ -171,7 +171,7 @@
		22	# The installer program will set the default directory. If this default is
		23	# subsequently commented out or removed, then the program will not run.
		24	#
		25	-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
		26	+SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts
		27
		28	#
		29	# This option can be used to modify the command directory list used by rkhunter
		30	@@ -303,7 +303,7 @@
		31	#
		32	# The default value is 'no'.
		33	#
		34	-#ALLOW_SSH_ROOT_USER=no
		35	+ALLOW_SSH_ROOT_USER=unset
		36
		37	#
		38	# Set this option to '1' to allow the use of the SSH-1 protocol, but note
		39	@@ -317,7 +317,7 @@
		40	#
		41	# The default value is '0'.
		42	#
		43	-#ALLOW_SSH_PROT_V1=0
		44	+ALLOW_SSH_PROT_V1=2
		45
		46	#
		47	# This setting tells rkhunter the directory containing the SSH configuration
		48	@@ -575,6 +575,8 @@
4	# The default value is the null string.	49	# The default value is the null string.
5	#	50	#
6	#SCRIPTWHITELIST=/usr/bin/groups	51	#SCRIPTWHITELIST=/usr/bin/groups
7	+SCRIPTWHITELIST=/usr/bin/whatis	52	+SCRIPTWHITELIST=/usr/bin/whatis
8	+SCRIPTWHITELIST=/usr/sbin/adduser	53	+SCRIPTWHITELIST=/usr/sbin/adduser
9	+SCRIPTWHITELIST=/usr/local/bin/GET
10	+SCRIPTWHITELIST=/usr/local/sbin/pkgdb
11		54
12	#	55	#
13	# Allow the specified file to have the immutable attribute set.	56	# Allow the specified file to have the immutable attribute set.
14	@@ -584,6 +588,10 @@	57	@@ -584,6 +586,10 @@
15	# The default value is the null string.	58	# The default value is the null string.
16	#	59	#
17	#IMMUTWHITELIST=/sbin/ifdown	60	#IMMUTWHITELIST=/sbin/ifdown
Lines 22-28 Link Here
22		65
23	#	66	#
24	# If this option is set to '1', then the immutable-bit test is reversed. That	67	# If this option is set to '1', then the immutable-bit test is reversed. That
25	@@ -787,6 +795,7 @@	68	@@ -787,6 +793,7 @@
26	# The default value is the null string.	69	# The default value is the null string.
27	#	70	#
28	#UID0_ACCOUNTS=toor rooty	71	#UID0_ACCOUNTS=toor rooty
Lines 30-32 Link Here
30		73
31	#	74	#
32	# This option allows the specified accounts to have no password. NIS/YP entries	75	# This option allows the specified accounts to have no password. NIS/YP entries
		76	@@ -1222,3 +1229,6 @@
		77	#
		78	#EMPTY_LOGFILES=""
		79	#MISSING_LOGFILES=""
		80	+
		81	+INSTALLDIR=RKHPREFIX
		82	+USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf