Bug 224084

Summary: security/rkhunter: Various pkg checksum mismatch issues in rkhunter-1.4.4
Product: Ports & Packages Reporter: martin
Component: Individual Port(s)Assignee: Tobias Kortkamp <tobik>
Status: Closed FIXED    
Severity: Affects Only Me CC: freebsd, lukasz, miwi, solarcatcher, w.schwarzenfeld
Priority: --- Flags: bugzilla: maintainer-feedback? (lukasz)
Version: Latest   
Hardware: Any   
OS: Any   
Bug Depends on: 227837    
Bug Blocks:    

Description martin 2017-12-04 16:24:49 UTC
I have rkhunter-1.4.4 installed from the quarterly packages build. Running "pkg check -s -g rkhunter" gives the following:

Checking rkhunter:   0%
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/en
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/tr
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/tr.utf8
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/tmp/group
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/tmp/passwd
Checking rkhunter: 100%
Comment 1 Walter Schwarzenfeld 2017-12-12 22:44:04 UTC
I had installed rkhunter with port. I had the same result with pkg check, but recompile rkhunter
solved this.
Comment 2 Walter Schwarzenfeld 2017-12-15 23:45:39 UTC
No! The issue appears again.
Comment 3 SolarCatcher 2017-12-21 07:38:03 UTC
FYI: Same warnings on HardenedBSD 11.1 (v1100054) with the latest official packages from their repo.
Comment 4 Peter Putzer 2018-03-02 07:09:14 UTC
I've noticed this as well (and had hoped it would be fixed soon, but apparently it does not affect all people?). Also `rkhunter --update` now seems to fail. I already tried rebuilding the port, but to no avail.
Comment 5 Peter Putzer 2018-03-02 07:15:38 UTC
(In reply to Peter Putzer from comment #4)
OK, the update problem is due to SourceForge being down, but the checksum mismatch is still a thing :(
Comment 6 Walter Schwarzenfeld 2018-10-12 18:20:14 UTC
Should solved with update to 1.4.6 => bug #227837.
Comment 7 martin 2018-10-15 13:38:00 UTC
(In reply to w.schwarzenfeld from comment #6)

I'm not convinced that 1.4.6 will fix this permanently, because the problems are in the port.

There are two different problems:

1) The files in /usr/local/var/lib/rkhunter/db/i18n/ can updated by the --update option.  If you want to include them in the pkg, then I think they should be handled using @sample in the pkg-plist like mirrors.dat (and renamed to *.sample in the do-install part of the Makefile).

2) The files in /usr/local/var/lib/rkhunter/tmp/passwd and /usr/local/var/lib/rkhunter/tmp/group are updated when rkhunter is run, so should not be copied into the pkg.  I think pkg-plist should be changed to replace

var/lib/rkhunter/tmp/passwd

by something like

@postexec cp /etc/passed %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true
@postunexec rm -f %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true

and ditto for var/lib/rkhunter/tmp/group.
Comment 8 Walter Schwarzenfeld 2018-10-15 13:58:08 UTC
You are right, I change it in the other PR: