Bug 153024 - security/rkhunter should not overwrite /usr/local/etc/rkhunter.conf
Summary: security/rkhunter should not overwrite /usr/local/etc/rkhunter.conf
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Sofian Brabez
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-12-11 21:00 UTC by Trond.Endrestol
Modified: 2011-04-20 14:00 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Trond.Endrestol 2010-12-11 21:00:21 UTC
security/rkhunter should not overwrite /usr/local/etc/rkhunter.conf.
The port should instead take the same approach as done by the majority of the ports, namely install the sample configuration file as something harmless, such as /usr/local/etc/rkhunter.conf.sample.

Fix: 

Change the port's Makefile and pkg-plist files as appropriate.
How-To-Repeat: Upgrade/reinstall security/rkhunter from ports.
Comment 1 Edwin Groothuis freebsd_committer 2010-12-11 21:00:24 UTC
Maintainer of security/rkhunter,

Please note that PR ports/153024 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/153024

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer 2010-12-11 21:00:28 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 3 Sofian Brabez 2011-01-11 21:30:26 UTC
Hi Trond,

Normally security/rkhunter during an update renamed your old
configuration with the following scheme :
${RKHINST_ETC_DIR}rkhunter.conf`date +%Y%m%d%H%M%S`, so your old
configuration is never delete or overwrite.

By default RKHINST_ETC_DIR is set to /usr/local/etc/ folder.

You just have to renamed it to keep your old configuration, it's done
like that because rkhunter handle internally the update. If you want
to know more about this, you could check the source code into
installer.sh file

For example, below I've updated it and I got two files, my old created
the 27 November 2010 and my new of 11 January 2011:

(root@freebsd81:/tmp/) # stat /usr/local/etc/rkhunter.conf.20101127023538
73 391826 -rw-r----- 1 root wheel 1599104 37308 "Jan 11 23:11:10 2011"
"Nov 27 02:35:38 2010" "Nov 27 02:35:38 2010" "Nov 27 02:35:38 2010"
16384 76 0 /usr/local/etc/rkhunter.conf.20101127023538
(root@freebsd81:/tmp/rkhunter) # ls -l /usr/local/etc/rkhunter*
-rw-r-----  1 root  wheel  37308 Jan 11 23:10 /usr/local/etc/rkhunter.conf
-rw-r-----  1 root  wheel  37308 Nov 27 02:35
/usr/local/etc/rkhunter.conf.20101127023538

Sorry for my late answer.

Regards

-- 
sbz
Comment 4 Trond.Endrestol 2011-01-12 15:14:17 UTC
On Tue, 11 Jan 2011 22:30+0100, Sofian Brabez wrote:

> Normally security/rkhunter during an update renamed your old 
> configuration with the following scheme : 
> ${RKHINST_ETC_DIR}rkhunter.conf`date +%Y%m%d%H%M%S`, so your old 
> configuration is never delete or overwrite.

Lucky for me I store all my configuration files in CVS. I don't see 
this happen, could it be due to portupgrade, which probably deinstalls 
the port, then (re)installs the port, thus (re)creating a plain 
configuration file?

I believe the consensus is that no configuration file should be 
automatically removed during deinstall of any ports, and only sample 
configuration files should be installed by the ports.

In my case I just rename the plain configuration file, perform a cvs 
update, and if necessary merge the differences and commit a new 
version. To me this is fine.


Trond.

-- 
----------------------------------------------------------------------
Trond Endrestøl                     |     Trond.Endrestol@ximalas.info
ACM, NAS, NUUG, SAGE, USENIX        | FreeBSD 8.2-PRE & re-Alpine 2.01
Comment 5 Mark Linimon freebsd_committer freebsd_triage 2011-03-23 08:36:58 UTC
Responsible Changed
From-To: freebsd-ports-bugs->sbz

Over to maintainer.
Comment 6 dfilter service freebsd_committer 2011-04-20 13:54:00 UTC
sbz         2011-04-20 12:53:50 UTC

  FreeBSD ports repository

  Modified files:
    security/rkhunter    Makefile pkg-plist 
  Log:
  - Install sample configuration file
  - Add LICENSE
  
  PR:             ports/153024
  Submitted by:   Trond Endrestøl <Trond.Endrestol at ximalas.info>
  Approved by:    jadawin@ (mentor)
  
  Revision  Changes    Path
  1.32      +8 -0      ports/security/rkhunter/Makefile
  1.10      +4 -1      ports/security/rkhunter/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 7 Sofian Brabez freebsd_committer 2011-04-20 13:56:10 UTC
State Changed
From-To: feedback->closed

Committed. Thanks!