
rkhunter-1.3.8-2.fc13.src.rpm

diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.conf
--- rkhunter-1.3.8.orig/files/rkhunter.conf	2010-11-13 13:25:22.000000000 -0700
+++ rkhunter-1.3.8/files/rkhunter.conf	2010-12-07 18:49:08.194871526 -0700
@@ -76,7 +76,7 @@
 # NOTE: This option should be present in the configuration file.
 #
 #MAIL-ON-WARNING=me@mydomain   root@mydomain
-MAIL-ON-WARNING=""
+MAIL-ON-WARNING="root"
 
 #
 # Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -94,16 +94,19 @@
 # sure that the directory permissions are tight.
 #
 #TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/var/lib/rkhunter
 
 #
 # Specify the database directory to use.
 #
 #DBDIR=/var/lib/rkhunter/db
+DBDIR=/var/lib/rkhunter/db
 
 #
 # Specify the script directory to use.
 #
 #SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/share/rkhunter/scripts
 
 #
 # Specify the root directory to use.
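Review bot: The added `TMPDIR=/var/lib/rkhunter` makes the temporary directory the parent of `DBDIR=/var/lib/rkhunter/db`, so scratch files and the property database share one tree. The upstream comment just above asks for tight permissions on this directory. Either keep the dedicated path from the commented example, `TMPDIR=/var/lib/rkhunter/tmp`, or confirm that the package installs `/var/lib/rkhunter` owned by root and not accessible to other users. The packaging is not visible in this diff, so the ownership and mode need checking in the spec file.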
@@ -155,13 +158,13 @@
 #
 # NOTE: This option should be present in the configuration file.
 #
-LOGFILE=/var/log/rkhunter.log
+LOGFILE=/var/log/rkhunter/rkhunter.log
 
 #
 # Set the following option to 1 if the log file is to be appended to
 # whenever rkhunter is run.
 #
-APPEND_LOG=0
+APPEND_LOG=1
 
 #
 # Set the following option to 1 if the log file is to be copied when
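Review bot: With `APPEND_LOG=1` the file at `/var/log/rkhunter/rkhunter.log` grows on every run, and nothing in this hunk bounds it. Confirm that the package ships a log rotation rule for the new path and creates `/var/log/rkhunter` as a root-only directory, since the log records which checks ran and what they flagged. A one-line comment above the setting would help, for example `# Appended on each run; rotation is handled outside rkhunter.`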
@@ -183,7 +186,7 @@
 # Setting the value to 'none', or just leaving the option commented out,
 # disables the use of syslog.
 #
-#USE_SYSLOG=authpriv.notice
+USE_SYSLOG=authpriv.notice
 
 #
 # Set the following option to 1 if the second colour set is to be used.
@@ -213,7 +216,7 @@
 # file, then a value here of 'unset' can be used to avoid warning messages.
 # This option has a default value of 'no'.
 #
-ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=unset
 
 #
 # Set this option to '1' to allow the use of the SSH-1 protocol, but note
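Review bot: `ALLOW_SSH_ROOT_USER=unset` tells rkhunter that a missing PermitRootLogin line is the expected state, so the check stops reporting hosts that run on sshd's built-in default. The next hunk does the same for the protocol check with `ALLOW_SSH_PROT_V1=2`. Both values trade a hardening reminder for a quiet report, and the change carries no comment saying so. I would add a line such as `# 'unset' matches a stock sshd_config with no PermitRootLogin line; change to 'no' once sshd_config sets it explicitly.` and an equivalent one for the protocol option. Whether the distribution's default sshd_config really omits both options is inferred from the change, not shown here.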
@@ -224,7 +227,7 @@
 # configuration file, then a value of '2' may be set here in order to
 # suppress a warning message. This option has a default value of '0'.
 #
-ALLOW_SSH_PROT_V1=0
+ALLOW_SSH_PROT_V1=2
 
 #
 # This setting tells rkhunter the directory containing the SSH configuration
@@ -255,7 +258,7 @@
 # tests, the test names, and how rkhunter behaves when these options are used.
 #
 ENABLE_TESTS="all"
-DISABLE_TESTS="suspscan hidden_ports hidden_procs deleted_files packet_cap_apps"
+DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
 
 #
 # The HASH_FUNC option can be used to specify the command to use
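Review bot: The new `DISABLE_TESTS` line adds `apps` and drops `hidden_ports` without saying why, which leaves an administrator unable to tell a deliberate choice from an oversight. Disabling `apps` turns off the application version check, and removing `hidden_ports` from the list turns that test on. If the reason for `apps` is that distribution packages backport fixes without changing version strings, say so in a comment above the line, e.g. `# 'apps' disabled: packaged versions carry backported fixes, so version-string checks give false warnings.` That rationale is a guess from the change and should be confirmed by the packager.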
@@ -324,6 +327,7 @@
 # Whenever this option is changed 'rkhunter --propupd' must be run.
 #
 #PKGMGR=NONE
+PKGMGR=RPM
 
 #
 # It is possible that a file which is part of a package may be modified
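Review bot: `PKGMGR=RPM` changes the source of file properties, and the context line above states that `rkhunter --propupd` must be run whenever this option changes. The diff does not show whether the package runs that step on install or upgrade, so a stale database from a previous setting could produce misleading results. It is also worth a comment that the file property check then relies on the integrity of the RPM database, for example `# Property checks use the RPM database; protect and verify it accordingly.`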
@@ -466,6 +470,12 @@
 #
 #SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
 #SCRIPTWHITELIST="/usr/bin/groups"
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/GET
+SCRIPTWHITELIST=/sbin/ifup
+SCRIPTWHITELIST=/sbin/ifdown
 
 #
 # Allow the specified commands to have the immutable attribute set.
@@ -495,6 +505,14 @@
 #ALLOWHIDDENDIR="/dev/.initramfs"
 #ALLOWHIDDENDIR="/dev/.SRC-unix"
 #ALLOWHIDDENDIR="/dev/.mdadm"
+ALLOWHIDDENDIR=/dev/.udev
+ALLOWHIDDENDIR=/dev/.udevdb
+ALLOWHIDDENDIR=/dev/.udev.tdb
+ALLOWHIDDENDIR=/dev/.static
+ALLOWHIDDENDIR=/dev/.initramfs
+ALLOWHIDDENDIR=/dev/.SRC-unix
+ALLOWHIDDENDIR=/dev/.mdadm
+ALLOWHIDDENDIR=/dev/.systemd
 
 #
 # Allow the specified hidden files to be whitelisted.
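Review bot: Each added `ALLOWHIDDENDIR` entry silences the hidden-directory check for that path whether or not the directory belongs to the system component it is named after. Several of them (`/dev/.udevdb`, `/dev/.udev.tdb`, `/dev/.static`) look like leftovers from older releases, though that cannot be confirmed from this diff. I would keep only the directories that exist on a clean install of the target release and group the rest under a comment naming the owning package, e.g. `# created by udev` or `# created by mdadm`.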
@@ -519,6 +537,25 @@
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
 #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
+ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
+ALLOWHIDDENFILE=/lib*/.libcrypto.so.*.hmac
+ALLOWHIDDENFILE=/lib*/.libssl.so.*.hmac
+ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keygen.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keyscan.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-add.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-agent.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libfipscheck.so.*.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libgcrypt.so.*.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha1hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha256hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha384hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha512hmac.hmac
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+ALLOWHIDDENFILE=/dev/.mdadm.map
+ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
+ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
 
 #
 # Allow the specified processes to use deleted files. The
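Review bot: Several added `ALLOWHIDDENFILE` entries use shell wildcards (`/lib*/.libcrypto.so.*.hmac`, `/usr/lib*/hmaccalc/sha1hmac.hmac`), while the upstream examples visible in this hunk are all literal paths. Confirm that this option expands wildcards in 1.3.8. If it does not, those entries are silently ineffective. If it does, each pattern exempts more names than the single library file it was written for. Where the set of files is known, literal paths per architecture (`/lib/...` and `/lib64/...`) are easier to audit. A comment noting that the `.hmac` files are FIPS integrity checksums would explain why they are expected.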
@@ -583,6 +620,8 @@
 #
 #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
 #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
+ALLOWDEVFILE=/dev/shm/pulse-shm-*
+ALLOWDEVFILE=/dev/md/md-device-map
 
 #
 # This setting tells rkhunter where the inetd configuration
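Review bot: `ALLOWDEVFILE=/dev/shm/pulse-shm-*` exempts every name with that prefix in a world-writable directory, so the check can no longer tell PulseAudio segments from any other file created under the same prefix. That is an accepted trade-off for desktop systems, but it should be stated in the file rather than left implicit. I would add a comment such as `# PulseAudio shared memory segments; the wildcard matches any file with this prefix, so review /dev/shm separately on servers.`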
@@ -721,6 +760,7 @@
 # The option may be specified more than once.
 #
 #SUSPSCAN_DIRS="/tmp /var/tmp"
+SUSPSCAN_DIRS="/tmp /var/tmp"
 
 #
 # Directory for temporary files. A memory-based one is better (faster).
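Review bot: The added `SUSPSCAN_DIRS="/tmp /var/tmp"` has no effect as shipped, because `suspscan` remains in `DISABLE_TESTS` in the earlier hunk of this patch. An administrator reading this line could assume those directories are being scanned. Add a comment above it, e.g. `# Only used when the 'suspscan' test is enabled; it is listed in DISABLE_TESTS by default.`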
@@ -976,3 +1016,5 @@
 # both programs, then disable the 'hidden_procs' test.
 #
 #DISABLE_UNHIDE=0
+
+INSTALLDIR="/usr"