Diffstat (limited to 'app-forensics/chkrootkit')
-rw-r--r--app-forensics/chkrootkit/ChangeLog11
-rw-r--r--app-forensics/chkrootkit/Manifest19
-rw-r--r--app-forensics/chkrootkit/chkrootkit-0.44-r1.ebuild53
-rw-r--r--app-forensics/chkrootkit/files/chkrootkit-0.44-coreutils-static-falsepositive.patch20
-rw-r--r--app-forensics/chkrootkit/files/digest-chkrootkit-0.44-r12
5 files changed, 101 insertions, 4 deletions
diff --git a/app-forensics/chkrootkit/ChangeLog b/app-forensics/chkrootkit/ChangeLog
index 93fbcdee80fe..3212d896b8f0 100644
--- a/app-forensics/chkrootkit/ChangeLog
+++ b/app-forensics/chkrootkit/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for app-forensics/chkrootkit
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/ChangeLog,v 1.20 2005/01/01 14:22:35 eradicator Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/ChangeLog,v 1.21 2005/01/23 14:37:46 dragonheart Exp $
+
+*chkrootkit-0.44-r1 (23 Jan 2005)
+
+ 23 Jan 2005; Daniel Black <dragonheart@gentoo.org>
+ +files/chkrootkit-0.44-coreutils-static-falsepositive.patch,
+ +chkrootkit-0.44-r1.ebuild:
+ Revision bump to solve false detections with static coreutils (du and ls). Bug
+ #73372 refers. Thanks to the author Nelson Murilo <nelson@pangeia.com.br> for
+ a very rapid response.
28 Dec 2004; Ciaran McCreesh <ciaranm@gentoo.org> :
Change encoding to UTF-8 for GLEP 31 compliance
diff --git a/app-forensics/chkrootkit/Manifest b/app-forensics/chkrootkit/Manifest
index ff5252a62fd6..55d98e56f2f6 100644
--- a/app-forensics/chkrootkit/Manifest
+++ b/app-forensics/chkrootkit/Manifest
@@ -1,9 +1,22 @@
-MD5 aa1fec71df83b39454613886f02c8eb2 ChangeLog 8408
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+MD5 81f57955b535c6550e4d61525b41079e ChangeLog 8777
+MD5 7460fdec86596dcf99c66fbb167712af metadata.xml 256
MD5 af9f831421f3a9ae71e16830253e6269 chkrootkit-0.43-r3.ebuild 935
MD5 ada3a40144dfe72cb9c42b83cb593f8d chkrootkit-0.43-r4.ebuild 1110
-MD5 7460fdec86596dcf99c66fbb167712af metadata.xml 256
+MD5 36a5acc29c7e5e78bc9b28e23ac29dca chkrootkit-0.44-r1.ebuild 1590
MD5 db8a5f22ed8787ae2c777965cd31af0c chkrootkit-0.44.ebuild 1446
-MD5 1f4cc273611ca05137d997b8d4bad9de files/digest-chkrootkit-0.44 140
+MD5 1f4cc273611ca05137d997b8d4bad9de files/digest-chkrootkit-0.44-r1 140
MD5 bb6a980a762d72e1928231eabf4a9304 files/chkrootkit.cron 78
MD5 e4f72853578cf59cb609efc280621591 files/digest-chkrootkit-0.43-r3 142
MD5 e4f72853578cf59cb609efc280621591 files/digest-chkrootkit-0.43-r4 142
+MD5 1f4cc273611ca05137d997b8d4bad9de files/digest-chkrootkit-0.44 140
+MD5 99d10c59971b4836291ff235c6f480a6 files/chkrootkit-0.44-coreutils-static-falsepositive.patch 793
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.0 (GNU/Linux)
+
+iD8DBQFB87bAmdTrptrqvGERAvWtAJ9fFFXIgyLz90dQ6bmKvcoTuqdGUQCeK/wK
+aYzCtS3KRpw3fDfNamLDu8M=
+=EcqG
+-----END PGP SIGNATURE-----
diff --git a/app-forensics/chkrootkit/chkrootkit-0.44-r1.ebuild b/app-forensics/chkrootkit/chkrootkit-0.44-r1.ebuild
new file mode 100644
index 000000000000..62cb9a6f5535
--- /dev/null
+++ b/app-forensics/chkrootkit/chkrootkit-0.44-r1.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/chkrootkit-0.44-r1.ebuild,v 1.1 2005/01/23 14:37:46 dragonheart Exp $
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="a tool to locally check for signs of a rootkit"
+HOMEPAGE="http://www.chkrootkit.org/"
+SRC_URI="ftp://ftp.pangeia.com.br/pub/seg/pac/${P}.tar.gz
+ mirror://gentoo/${P}-gentoo.diff.bz2"
+
+LICENSE="AMS"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ppc ~ppc64 s390 sparc x86"
+IUSE=""
+
+DEPEND="virtual/libc"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${WORKDIR}/${P}-gentoo.diff || die "patch failed"
+ sed -i 's:${head} -:${head} -n :' chkrootkit || die "sed chkrootkit failed"
+ sed -i 's:/var/adm:/var/log:g' chklastlog.c || die "sed chklastlog.c failed"
+ epatch ${FILESDIR}/${P}-coreutils-static-falsepositive.patch || die "patch failed"
+}
+
+src_compile() {
+ emake \
+ CC=$(tc-getCC) \
+ CFLAGS="${CFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ sense || die "emake sense failed"
+}
+
+src_install() {
+ dosbin chkdirs chklastlog chkproc chkrootkit chkwtmp ifpromisc \
+ strings-static || die
+ dodoc README README.chklastlog README.chkwtmp
+
+ exeinto /etc/cron.weekly
+ newexe ${FILESDIR}/${PN}.cron ${PN} || die
+}
+
+pkg_postinst() {
+ echo
+ einfo "Edit /etc/cron.weekly/chkrootkit to activate chkrootkit!"
+ einfo
+ einfo "Some applications, such as portsentry, will cause chkrootkit"
+ einfo "to produce false positives. Read the chkrootkit FAQ at"
+ einfo "http://www.chkrootkit.org/ for more information."
+ echo
+}
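Review bot: In src_unpack the two `sed -i` calls are guarded with `|| die`, but sed exits 0 when its pattern matches nothing, so an edit that stops applying to a later upstream file would pass silently; for `chklastlog.c` that would presumably leave the checker looking under /var/adm instead of /var/log. A post-condition such as `! grep -q '/var/adm' chklastlog.c || die "/var/adm still present in chklastlog.c"` would make that failure visible. The preceding `cd ${S}` is unquoted and unchecked; `cd "${S}" || die "cd failed"` is safer. Separately, SRC_URI fetches over plain FTP, so the MD5 entries in the digest file are the only integrity check on the tarball, and a stronger digest would be preferable if the tree's tooling supports one.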
diff --git a/app-forensics/chkrootkit/files/chkrootkit-0.44-coreutils-static-falsepositive.patch b/app-forensics/chkrootkit/files/chkrootkit-0.44-coreutils-static-falsepositive.patch
new file mode 100644
index 000000000000..4aa692e775a7
--- /dev/null
+++ b/app-forensics/chkrootkit/files/chkrootkit-0.44-coreutils-static-falsepositive.patch
@@ -0,0 +1,20 @@
+--- chkrootkit.orig 2005-01-23 23:29:05.017022840 +0930
++++ chkrootkit 2005-01-23 23:30:07.494524816 +0930
+@@ -1354,7 +1354,7 @@
+
+ chk_ls () {
+ STATUS=${NOT_INFECTED}
+-LS_INFECTED_LABEL="/dev/ttyof|/dev/pty[pqrs]|/dev/hdl0|\.tmp/lsfile|/dev/hdcc|/dev/ptyxx|duarawkz|/prof|/dev/tux|/security|file\.h"
++LS_INFECTED_LABEL="/dev/ttyof|/dev/pty[pqrs]|/dev/hdl0|\.tmp/lsfile|/dev/hdcc|/dev/ptyxx|duarawkz|^/prof|/dev/tux|/security|file\.h"
+ CMD=`loc ls ls $pth`
+
+ if [ "${EXPERT}" = "t" ]; then
+@@ -1371,7 +1371,7 @@
+
+ chk_du () {
+ STATUS=${NOT_INFECTED}
+- DU_INFECTED_LABEL="/dev/ttyof|/dev/pty[pqrsx]|w0rm|/prof|/dev/tux|file\.h"
++ DU_INFECTED_LABEL="/dev/ttyof|/dev/pty[pqrsx]|w0rm|^/prof|/dev/tux|file\.h"
+ CMD=`loc du du $pth`
+
+ if [ "${EXPERT}" = "t" ]; then
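Review bot: Changing `/prof` to `^/prof` in LS_INFECTED_LABEL and DU_INFECTED_LABEL narrows the signature as well as removing the false positive: the alternative now matches only where `/prof` starts a line of whatever text the label is matched against, so an occurrence in the middle of a line is no longer flagged. That trade-off is undocumented, and the patch has no header explaining it; a short note above the first `---` line would help, e.g. `# Anchor /prof: static coreutils ls and du matched the bare pattern (Gentoo bug #73372)`. The other unanchored alternatives such as `/security` are left as they were, so it is worth confirming they do not hit the same static binaries. Both chk_ls and chk_du continue outside the hunks shown, so how the label is applied is not visible here.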
diff --git a/app-forensics/chkrootkit/files/digest-chkrootkit-0.44-r1 b/app-forensics/chkrootkit/files/digest-chkrootkit-0.44-r1
new file mode 100644
index 000000000000..c0c0cd666607
--- /dev/null
+++ b/app-forensics/chkrootkit/files/digest-chkrootkit-0.44-r1
@@ -0,0 +1,2 @@
+MD5 8f6dbb3204c24e9b71490142cb2953ee chkrootkit-0.44.tar.gz 34163
+MD5 26971ac3a44146d35ed3155e665606e3 chkrootkit-0.44-gentoo.diff.bz2 4049