summaryrefslogtreecommitdiff
path: root/app-forensics/rkhunter/files
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /app-forensics/rkhunter/files
reinit the tree, so we can have metadata
Diffstat (limited to 'app-forensics/rkhunter/files')
-rw-r--r--app-forensics/rkhunter/files/rkhunter-1.3.cron133
-rw-r--r--app-forensics/rkhunter/files/rkhunter-1.4.2.conf.patch38
-rw-r--r--app-forensics/rkhunter/files/rkhunter.bash-completion87
3 files changed, 258 insertions, 0 deletions
diff --git a/app-forensics/rkhunter/files/rkhunter-1.3.cron b/app-forensics/rkhunter/files/rkhunter-1.3.cron
new file mode 100644
index 000000000000..468667cf9d94
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.3.cron
@@ -0,0 +1,133 @@
+#!/bin/bash
+# original author: Aaron Walker <ka0ttic@gentoo.org>
+
+########################## Begin Configuration ###############################
+
+# Default options - more options may be added depending on the
+# configuration variables you set below
+# --cronjob implies -c, --nocolor, --sk
+RKHUNTER_OPTS="--cronjob --summary"
+
+# Set this to 'yes' to enable ; this script does nothing otherwise
+ENABLE=no
+
+# Automatically update rkhunter's dat files prior to running?
+UPDATE=no
+
+# Set this to 'yes' if you wish the output to be mailed to you
+SEND_EMAIL=no
+
+# NOTE: the following EMAIL_* variables are only relevant if you set the
+# SEND_EMAIL variable to 'yes'
+EMAIL_SUBJECT="${HOSTNAME}: rkhunter output"
+EMAIL_RECIPIENT=root
+EMAIL_CMD="|mail -s \"${EMAIL_SUBJECT}\" ${EMAIL_RECIPIENT}"
+
+# Log rkhunter output?
+LOG=no
+
+# The default log location is /var/log/rkhunter.log. Set this variable if
+# you'd like to use an alternate location.
+#LOGFILE=""
+
+# By default, the log file created by rkhunter is world-readable (0644). If
+# you'd like to modify the permissions afterwards, set this variable. The
+# value of this variable, must be a valid chmod argument such as '0600' or
+# 'u+rw,go-rwx'. See the chmod(1) manual page for more information.
+#LOGFILE_PERMS="0600"
+
+# By default, rkhunter overwrites the previous log. Set this variable
+# to 'yes' if you'd like the log output appended to the logfile, instead
+# of overwriting it.
+SAVE_OLD_LOGS=no
+
+# Set to 1 to recieve only warnings & errors
+# Set to 2 to recieve ALL rkhunter output
+# Set to 3 to recieve rkhunter report
+VERBOSITY=3
+
+########################### End Configuration ################################
+
+# exit immediately, unless enabled
+[[ "${ENABLE}" == "yes" ]] || exit 0
+
+# debug mode? (mainly for my benefit)
+if [[ -n "${1}" ]] && [[ ${1} = "-d" ]] ; then
+ set -o verbose -o xtrace
+fi
+
+[[ -z "${LOGFILE}" ]] && LOGFILE="/var/log/rkhunter.log"
+
+# moved this out of config section since it'll
+# probably never need to be changed
+RKHUNTER_EXEC="/usr/sbin/rkhunter"
+
+# sanity check
+if [[ ! -x "${RKHUNTER_EXEC}" ]] ; then
+ echo "${RKHUNTER_EXEC} does not exist or is not executable!"
+ exit 1
+fi
+
+# we create a few tmp files, so let's at least make
+# them readable/writable by root only
+umask 0077
+
+# all output goes to this temp file
+_tmpout=$(mktemp /tmp/rkhunter.cron.XXXXXX)
+exec > ${_tmpout} 2>&1
+
+# update data files
+if [[ "${UPDATE}" == "yes" ]] ; then
+ # save the output of --update in a tmp file so that it can be mailed
+ # along with the scan output; otherwise the user will get 2 mails
+ ${RKHUNTER_EXEC} --nocolor --update
+fi
+
+# formulate options string according to user configuration
+[[ "${LOG}" == "yes" ]] && \
+ RKHUNTER_OPTS="${RKHUNTER_OPTS} --createlogfile ${LOGFILE}"
+
+case "${VERBOSITY}" in
+ # warnings and errors only
+ 1) RKHUNTER_OPTS="${RKHUNTER_OPTS} --quiet" ;;
+ # default rkhunter output (no extra options)
+# 2) ;;
+ # default to option 3
+ *) ;;
+esac
+
+# save old log
+if [[ "${LOG}" == "yes" && "${SAVE_OLD_LOGS}" == "yes" ]] ; then
+ if [[ -e "${LOGFILE}" ]] ; then
+ _tmpfile=$(mktemp ${LOGFILE}.XXXXXX)
+ mv -f ${LOGFILE} ${_tmpfile}
+ echo -e "--\nrkhunter.cron commencing at: $(date)\n--" >> ${_tmpfile}
+ fi
+fi
+
+# finally, run rkhunter
+CMD="${RKHUNTER_EXEC} ${RKHUNTER_OPTS}"
+eval ${CMD}
+RV=$?
+
+# email output?
+if [[ "${SEND_EMAIL}" == "yes" ]] ; then
+ CMD="cat ${_tmpout} ${EMAIL_CMD}"
+ eval ${CMD}
+fi
+
+# remove temp file
+[[ -n "${_tmpout}" ]] && rm -f ${_tmpout}
+
+[[ "${LOG}" != "yes" ]] && exit ${RV}
+
+# from this point on, we can assume logging is enabled
+
+# append new log to old log and restore
+if [[ -n "${_tmpfile}" ]] ; then
+ cat ${LOGFILE} >> ${_tmpfile}
+ mv ${_tmpfile} ${LOGFILE}
+fi
+
+chmod ${LOGFILE_PERMS:-0644} ${LOGFILE}
+exit ${RV}
diff --git a/app-forensics/rkhunter/files/rkhunter-1.4.2.conf.patch b/app-forensics/rkhunter/files/rkhunter-1.4.2.conf.patch
new file mode 100644
index 000000000000..8fd49ab421da
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.4.2.conf.patch
@@ -0,0 +1,38 @@
+diff -Naur rkhunter-1.4.2/files/rkhunter.conf rkhunter-1.4.2-fixed/files/rkhunter.conf
+--- rkhunter-1.4.2/files/rkhunter.conf 2014-01-25 16:29:51.000000000 -0500
++++ rkhunter-1.4.2-fixed/files/rkhunter.conf 2014-05-27 11:58:11.098750088 -0400
+@@ -72,6 +72,7 @@
+ # to use.
+ #
+
++INSTALLDIR=/usr
+
+ #
+ # If this option is set to '1', it specifies that the mirrors file
+@@ -154,7 +155,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#TMPDIR=/var/lib/rkhunter/tmp
++TMPDIR=/var/lib/rkhunter/tmp
+
+ #
+ # This option specifies the database directory to use.
+@@ -163,7 +164,7 @@
+ # subsequently commented out or removed, then the program will assume a
+ # default directory beneath the installation directory.
+ #
+-#DBDIR=/var/lib/rkhunter/db
++DBDIR=/var/lib/rkhunter/db
+
+ #
+ # This option specifies the script directory to use.
+@@ -171,7 +172,7 @@
+ # The installer program will set the default directory. If this default is
+ # subsequently commented out or removed, then the program will not run.
+ #
+-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
++SCRIPTDIR=/usr/lib/rkhunter/scripts
+
+ #
+ # This option can be used to modify the command directory list used by rkhunter
diff --git a/app-forensics/rkhunter/files/rkhunter.bash-completion b/app-forensics/rkhunter/files/rkhunter.bash-completion
new file mode 100644
index 000000000000..a28f96f510d1
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter.bash-completion
@@ -0,0 +1,87 @@
+# rkhunter completion
+
+_rkhunter() {
+ local cur prev opts
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ opts="-c --checkall --createlogfile --cronjob --display-logfile -h --help\
+ --nocolors --report-mode --report-warnings-only \
+ --skip-application-check --skip-keypress --quick --quiet --update \
+ --version --versioncheck --bindir --configfile --dbdir --rootdir \
+ --tmpdir --disable-md5-check --disable-passwd-check \
+ --scan-knownbad-files"
+
+ if [[ "${cur}" == -* ]] || [[ ${COMP_CWORD} -eq 1 ]]; then
+ COMPREPLY=($(compgen -W "${opts}" -- "${cur}"))
+ fi
+
+ case "${prev}" in
+ --createlogfile)
+ COMPREPLY=($(compgen -o filenames -A file -W "${opts/--createlogfile}" \
+ -- "${cur}"))
+ ;;
+ --display-logfile)
+ COMPREPLY=($(compgen -W "${opts/--display-logfile}" -- "${cur}"))
+ ;;
+ --*dir)
+ COMPREPLY=($(compgen -o dirnames -A directory -- "${cur}"))
+ ;;
+ --*file)
+ COMPREPLY=($(compgen -o filenames -A file -- "${cur}"))
+ ;;
+ -c|--checkall)
+ COMPREPLY=($(compgen -W "${opts/-c --checkall}" -- "${cur}"))
+ ;;
+ --cronjob)
+ COMPREPLY=($(compgen -W "${opts/--cronjob}" -- "${cur}"))
+ ;;
+ -h|--help)
+ COMPREPLY=($(compgen -W "${opts/-h --help}" -- "${cur}"))
+ ;;
+ --nocolors)
+ COMPREPLY=($(compgen -W "${opts/--nocolors}" -- "${cur}"))
+ ;;
+ --report-mode)
+ COMPREPLY=($(compgen -W "${opts/--report-mode}" -- "${cur}"))
+ ;;
+ --report-warnings-only)
+ COMPREPLY=($(compgen -W "${opts/--report-warnings-only}" -- \
+ "${cur}"))
+ ;;
+ --skip-application-check)
+ COMPREPLY=($(compgen -W "${opts/--skip-application-check}" -- \
+ "${cur}"))
+ ;;
+ --skip-keypress)
+ COMPREPLY=($(compgen -W "${opts/--skip-keypress}" -- "${cur}"))
+ ;;
+ --quick)
+ COMPREPLY=($(compgen -W "${opts/--quick}" -- "${cur}"))
+ ;;
+ --quiet)
+ COMPREPLY=($(compgen -W "${opts/--quiet}" -- "${cur}"))
+ ;;
+ --update)
+ COMPREPLY=($(compgen -W "${opts/--update}" -- "${cur}"))
+ ;;
+ --version)
+ COMPREPLY=($(compgen -W "${opts/--version}" -- "${cur}"))
+ ;;
+ --versioncheck)
+ COMPREPLY=($(compgen -W "${opts/--versioncheck}" -- "${cur}"))
+ ;;
+ --disable-md5-check)
+ COMPREPLY=($(compgen -W "${opts/--disable-md5-check}" -- "${cur}"))
+ ;;
+ --disable-passwd-check)
+ COMPREPLY=($(compgen -W "${opts/--disable-passwd-check}" -- \
+ "${cur}"))
+ ;;
+ --scan-knownbad-files)
+ COMPREPLY=($(compgen -W "${opts/--scan-knownbad-files}" -- \
+ "${cur}"))
+ ;;
+ esac
+}
+complete -F _rkhunter rkhunter