Bug 191842 - security/rkhunter (v1.4.2) distributed configuration file has missing and erroneous entries
Summary: security/rkhunter (v1.4.2) distributed configuration file has missing and err...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Many People
Assignee: Carlo Strub
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-07-12 15:11 UTC by Gerard J. Cerchio
Modified: 2014-08-12 18:38 UTC (History)
3 users (show)

See Also:


Attachments
Correct the rkhunter paths for FreeBSD (2.04 KB, patch)
2014-08-04 01:56 UTC, Gerard J. Cerchio
no flags Details | Diff
Updated Gerard's patch for rkhunter 1.4.2 (3.93 KB, patch)
2014-08-12 10:37 UTC, Lukasz Wasikowski
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Gerard J. Cerchio 2014-07-12 15:11:56 UTC
rkhunter-1.4.2 does not run after install due to the default configuration file having missing, erroneous and commented out entries.

Kernel: 9.3-PRERELEASE FreeBSD 9.3-PRERELEASE #4: Thu Jul 10 00:17:20 PDT 2014

problem files: /usr/local/etc/rkhunter.conf
               /usr/local/etc/rkhunter.conf.sample

Both the binary pkg and the installed port in the port tree exhibit the problem.

INSTALLDIR is missing
SCRIPTDIR  is commented out
TMPDIR     is commented out and points to the wrong directory
DBDIR      is commented out and points to the wrong directory

PATCH:

157c157
< #TMPDIR=/var/lib/rkhunter/tmp
---
> TMPDIR=/usr/local/var/lib/rkhunter/tmp
166c166
< #DBDIR=/var/lib/rkhunter/db
---
> DBDIR=/usr/local/var/lib/rkhunter/db
174c174
< #SCRIPTDIR=/usr/local/lib/rkhunter/scripts
---
> SCRIPTDIR=/usr/local/lib/rkhunter/scripts
193a194,195
> INSTALLDIR=/usr/local
>
Comment 1 Lukasz Wasikowski 2014-07-12 15:38:12 UTC
There is more - rkhunter.conf and rkhunter.conf.sample has uncommented SCRIPTWHITELIST=/usr/local/bin/GET. This file is not present in 9.2-R or 10.0-R, and rkhunter is very unhappy about this:

# md5 /usr/local/etc/rkhunter.conf.sample /usr/local/etc/rkhunter.conf
MD5 (/usr/local/etc/rkhunter.conf.sample) = 3a0576cfd6e7f7b37afb1f45e7feeca2
MD5 (/usr/local/etc/rkhunter.conf) = 3a0576cfd6e7f7b37afb1f45e7feeca2

# cat /usr/local/etc/rkhunter.conf.local
INSTALLDIR=/usr/local
DBDIR=/usr/local/var/lib/rkhunter/db
SCRIPTDIR=/usr/local/lib/rkhunter/scripts
TMPDIR=/usr/local/var/lib/rkhunter/tmp

# rkhunter --propupd
Invalid SCRIPTWHITELIST configuration option: Non-existent pathname: /usr/local/bin/GET

# uname -a
FreeBSD jinx.freebsd.systems 10.0-RELEASE-p7 FreeBSD 10.0-RELEASE-p7 #0: Tue Jul  8 06:37:44 UTC 2014     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
Comment 2 John Marino freebsd_committer 2014-07-20 15:38:16 UTC
fyi - this port is not maintained, so without a patch probably nothing is going to happen
Comment 3 Gerard J. Cerchio 2014-07-20 17:02:27 UTC
patch is in the OP
Comment 4 Adam Weinberger freebsd_committer 2014-08-03 19:18:09 UTC
(In reply to Gerard J. Cerchio from comment #3)
> patch is in the OP

That's a fragment, not a patch.

Please submit your patch as an attachment, created with diff(1), that shows which files are being modified. See http://www.freebsd.org/doc/en_US.ISO8859-1/articles/problem-reports/pr-writing.html#pr-writing-attaching-patches for details.
Comment 5 Gerard J. Cerchio 2014-08-03 20:05:10 UTC
(In reply to Adam Weinberger from comment #4)
> (In reply to Gerard J. Cerchio from comment #3)
> > patch is in the OP
> 
> That's a fragment, not a patch.
> 
> Please submit your patch as an attachment, created with diff(1), that shows
> which files are being modified. See
> http://www.freebsd.org/doc/en_US.ISO8859-1/articles/problem-reports/pr-
> writing.html#pr-writing-attaching-patches for details.

Hi Adam,

Unfortunately I have no idea how to find the rkhunter source tree used by FreeBSD.

The best I could do for now is provide you with the diff -u outputs. They are probably not performed correctly so I will not attach them. I found the original files in /var/ports/basejail/usr/ports/security/rkhunter/work/stage/usr/local/etc so here are the difs performed in the work directory tree:

 diff -u rkhunter.conf.sample /usr/local/etc/rkhunter.conf
--- rkhunter.conf.sample        2014-06-14 08:47:10.000000000 -0700
+++ /usr/local/etc/rkhunter.conf        2014-07-12 07:41:35.000000000 -0700
@@ -154,7 +154,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/usr/local/var/lib/rkhunter/tmp
 
 #
 # This option specifies the database directory to use.
@@ -163,7 +163,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#DBDIR=/var/lib/rkhunter/db
+DBDIR=/usr/local/var/lib/rkhunter/db
 
 #
 # This option specifies the script directory to use.
@@ -171,7 +171,7 @@
 # The installer program will set the default directory. If this default is
 # subsequently commented out or removed, then the program will not run.
 #
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/local/lib/rkhunter/scripts
 
 #
 # This option can be used to modify the command directory list used by rkhunter
@@ -191,6 +191,8 @@
 #BINDIR=/bin /usr/bin /sbin /usr/sbin
 #BINDIR=+/usr/local/bin +/usr/local/sbin
 
+INSTALLDIR=/usr/local
+
 #
 # This option specifies the default language to use. This should be similar to
 # the ISO 639 language code.


diff -u rkhunter.conf /usr/local/etc/rkhunter.conf
--- rkhunter.conf       2014-06-14 08:47:10.000000000 -0700
+++ /usr/local/etc/rkhunter.conf        2014-07-12 07:41:35.000000000 -0700
@@ -154,7 +154,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/usr/local/var/lib/rkhunter/tmp
 
 #
 # This option specifies the database directory to use.
@@ -163,7 +163,7 @@
 # subsequently commented out or removed, then the program will assume a
 # default directory beneath the installation directory.
 #
-#DBDIR=/var/lib/rkhunter/db
+DBDIR=/usr/local/var/lib/rkhunter/db
 
 #
 # This option specifies the script directory to use.
@@ -171,7 +171,7 @@
 # The installer program will set the default directory. If this default is
 # subsequently commented out or removed, then the program will not run.
 #
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/local/lib/rkhunter/scripts
 
 #
 # This option can be used to modify the command directory list used by rkhunter
@@ -191,6 +191,8 @@
 #BINDIR=/bin /usr/bin /sbin /usr/sbin
 #BINDIR=+/usr/local/bin +/usr/local/sbin
 
+INSTALLDIR=/usr/local
+
 #
 # This option specifies the default language to use. This should be similar to
 # the ISO 639 language code.
@@ -1231,9 +1233,3 @@
 #
 #EMPTY_LOGFILES=""
 #MISSING_LOGFILES=""
-
-INSTALLDIR=/usr/local
-DBDIR=/usr/local/var/lib/rkhunter/db
-SCRIPTDIR=/usr/local/lib/rkhunter/scripts
-TMPDIR=/usr/local/var/lib/rkhunter/tmp
-USER_FILEPROP_FILES_DIRS=/usr/local/etc/rkhunter.conf


I hope this helps you create the patch.
Comment 6 John Marino freebsd_committer 2014-08-03 20:45:41 UTC
cd /usr/ports/security/rkhunter
make patch
cd work/rkhunter-1.4.2

files/rkhunter.conf already has a patch, so there's already an .orig
modify files/rkhunter.conf, then 
A) cd /usr/ports/security/rkhunter && make makepatch
or B) diff -u files/rkhunter.conf.orig files/rkhunter.conf > patch-files__rkhunter.conf

That's basically how to do it.
Comment 7 Gerard J. Cerchio 2014-08-04 01:56:21 UTC
Created attachment 145328 [details]
Correct the rkhunter paths for FreeBSD
Comment 8 Gerard J. Cerchio 2014-08-04 01:56:54 UTC
(In reply to John Marino from comment #6)
> cd /usr/ports/security/rkhunter
> make patch
> cd work/rkhunter-1.4.2
> 
> files/rkhunter.conf already has a patch, so there's already an .orig
> modify files/rkhunter.conf, then 
> A) cd /usr/ports/security/rkhunter && make makepatch
> or B) diff -u files/rkhunter.conf.orig files/rkhunter.conf >
> patch-files__rkhunter.conf
> 
> That's basically how to do it.

Thanks John,

I used option B:

diff -u files/rkhunter.conf.orig /usr/local/etc/rkhunter.conf >  /tmp/patch-files__rkhunter.conf

I attached it to the bug....
Comment 9 Carlo Strub freebsd_committer 2014-08-10 22:07:24 UTC
Gerard, would you like to become the new maintainer of rkhunter?
Comment 10 Lukasz Wasikowski 2014-08-11 06:37:14 UTC
(In reply to Carlo Strub from comment #9)
> Gerard, would you like to become the new maintainer of rkhunter?

If Gerard won't do it I'll give it a shot.
Comment 11 Carlo Strub freebsd_committer 2014-08-11 15:38:08 UTC
Fair enough. You guys sort that out. Can anyone of you confirm that the attached patch is complete and working? Then, I'll be happy to commit it.
Comment 12 Gerard J. Cerchio 2014-08-11 23:40:35 UTC
After being a user for almost a decade, and one of the original MH UNIX V crew, I would be very proud to become a FreeBSD contributor.

However my plate is just a bit too full right now and Lukasz appears to have a much better handle on rkhunter than I have.

Good luck Lukasz!
Comment 13 Lukasz Wasikowski 2014-08-12 07:49:38 UTC
(In reply to Gerard J. Cerchio from comment #12)
> After being a user for almost a decade, and one of the original MH UNIX V
> crew, I would be very proud to become a FreeBSD contributor.
> 
> However my plate is just a bit too full right now and Lukasz appears to have
> a much better handle on rkhunter than I have.
> 
> Good luck Lukasz!

Thank you Gerard. I'll test the patch ASAP.
Comment 14 Lukasz Wasikowski 2014-08-12 10:37:41 UTC
Created attachment 145707 [details]
Updated Gerard's patch for rkhunter 1.4.2

This is extended Gerard's patch:

- added some FreeBSD defaults regarding SSH
- made port more PREFIX aware
- changed maintainer
Comment 15 commit-hook freebsd_committer 2014-08-12 18:31:52 UTC
A commit references this bug:

Author: cs
Date: Tue Aug 12 18:31:26 UTC 2014
New revision: 364732
URL: http://svnweb.freebsd.org/changeset/ports/364732

Log:
  - unbreak
  - added some FreeBSD defaults regarding SSH
  - made port more PREFIX aware
  - changed maintainer

  PR:		191842
  Submitted by:	Gerard J. Cerchio and Lukasz Wasikowski (maintainer)

Changes:
  head/security/rkhunter/Makefile
  head/security/rkhunter/files/patch-files__rkhunter.conf
Comment 16 Carlo Strub freebsd_committer 2014-08-12 18:38:16 UTC
Committed. Thank you very much.