Summary: | security/rkhunter: Various pkg checksum mismatch issues in rkhunter-1.4.4 | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | martin |
Component: | Individual Port(s) | Assignee: | Tobias Kortkamp <tobik> |
Status: | Closed FIXED | ||
Severity: | Affects Only Me | CC: | freebsd, lukasz, miwi, solarcatcher, w.schwarzenfeld |
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(lukasz) |
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any | ||
Bug Depends on: | 227837 | ||
Bug Blocks: |
Description
martin
2017-12-04 16:24:49 UTC
I had installed rkhunter with port. I had the same result with pkg check, but recompile rkhunter solved this. No! The issue appears again. FYI: Same warnings on HardenedBSD 11.1 (v1100054) with the latest official packages from their repo. I've noticed this as well (and had hoped it would be fixed soon, but apparently it does not affect all people?). Also `rkhunter --update` now seems to fail. I already tried rebuilding the port, but to no avail. (In reply to Peter Putzer from comment #4) OK, the update problem is due to SourceForge being down, but the checksum mismatch is still a thing :( Should solved with update to 1.4.6 => bug #227837. (In reply to w.schwarzenfeld from comment #6) I'm not convinced that 1.4.6 will fix this permanently, because the problems are in the port. There are two different problems: 1) The files in /usr/local/var/lib/rkhunter/db/i18n/ can updated by the --update option. If you want to include them in the pkg, then I think they should be handled using @sample in the pkg-plist like mirrors.dat (and renamed to *.sample in the do-install part of the Makefile). 2) The files in /usr/local/var/lib/rkhunter/tmp/passwd and /usr/local/var/lib/rkhunter/tmp/group are updated when rkhunter is run, so should not be copied into the pkg. I think pkg-plist should be changed to replace var/lib/rkhunter/tmp/passwd by something like @postexec cp /etc/passed %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true @postunexec rm -f %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true and ditto for var/lib/rkhunter/tmp/group. You are right, I change it in the other PR: |