[Forensics-changes] [rkhunter] 06/23: Better default configuration (closes: #765898)

Francois Marier francois at moszumanska.debian.org
Sun Apr 26 22:28:55 UTC 2015


This is an automated email from the git hooks/post-receive script.

francois pushed a commit to branch master
in repository rkhunter.

commit ec99ad644f61142f54ba63693186bc601b53c8bf
Author: Francois Marier <francois at debian.org>
Date:   Sun Apr 26 00:15:08 2015 +1200

    Better default configuration (closes: #765898)
---
 debian/changelog                       |  1 +
 debian/patches/05_custom_conffile.diff | 41 ++++++++++++++++++++++++++++------
 2 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 8686cd4..e94e0d2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ rkhunter (1.4.2-1) unstable; urgency=medium
   * Acknowledge my own NMUs (closes: #765351, #765912, #768396, #771477)
 
   * Recommend both unhide and unhide.rb (closes: #765901)
+  * Better default configuration (closes: #765898)
 
   * Bump Standards-Version up to 3.9.6
   * Bump debhelper compatibility to 9
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 975f4ba..62e6b3e 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -1,10 +1,19 @@
 Description: Custom configuration options for Debian package
-Author: Julien Valroff <julien at debian.org>
+Author: Francois Marier <francois at debian.org>
 Forwarded: not-needed
-Last-Update: 2014-10-14
+Last-Update: 2015-04-26
 
 --- a/files/rkhunter.conf
 +++ b/files/rkhunter.conf
+@@ -130,7 +130,7 @@
+ #
+ # Also see the MAIL_CMD option.
+ #
+-#MAIL-ON-WARNING=me at mydomain   root at mydomain
++MAIL-ON-WARNING=root
+ 
+ #
+ # This option specifies the mail command to use if MAIL-ON-WARNING is set.
 @@ -154,7 +154,7 @@
  # subsequently commented out or removed, then the program will assume a
  # default directory beneath the installation directory.
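Review bot: `MAIL-ON-WARNING=root` in the first added rkhunter.conf hunk sends warnings to the local root account, so they only reach a person if the host has a working MTA and root's mail is aliased or forwarded to a mailbox that is read. The `USE_SYSLOG=authpriv.warning` hunk further down likewise keeps the alert on the machine being checked, where anyone who has gained root could presumably suppress or delete it. I would add a comment above the setting such as `# Debian default: warnings go to local root; forward root's mail (and authpriv syslog) off-host so they are seen and retained.` Separately, the DEP-3 header replaces the `Author:` line although the patch still carries the earlier changes; adding a second `Author:` field would keep both attributions. The rkhunter.conf hunk that starts at the end of this hunk continues outside it.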
@@ -32,6 +41,15 @@ Last-Update: 2014-10-14
  
  #
  # This option can be used to modify the command directory list used by rkhunter
+@@ -264,7 +264,7 @@ LOGFILE=/var/log/rkhunter.log
+ #
+ # The default value is not to use syslog.
+ #
+-#USE_SYSLOG=authpriv.notice
++USE_SYSLOG=authpriv.warning
+ 
+ #
+ # Set the following option to '1' if the second colour set is to be used. This
 @@ -349,8 +349,15 @@ AUTO_X_DETECT=1
  # either of the options below are specified, then they will override the
  # program defaults.
@@ -49,6 +67,15 @@ Last-Update: 2014-10-14
  
  #
  # The HASH_CMD option can be used to specify the command to use for the file
+@@ -381,7 +388,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+ #
+ # Also see the HASH_FLD_IDX option.
+ #
+-#HASH_CMD=sha1sum
++HASH_CMD=sha256sum
+ 
+ #
+ # The HASH_FLD_IDX option specifies which field from the HASH_CMD command
 @@ -421,6 +428,9 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # Also see the PKGMGR_NO_VRFY and USE_SUNSUM options.
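Review bot: Switching `HASH_CMD` to `sha256sum` changes the hash recorded in the file-properties database, and nothing in this commit tells administrators of existing installations what to do with a database built with the previous hash command. Presumably the stored hashes cannot be compared until the database is rebuilt, so upgraded hosts may warn or skip the hash test until `rkhunter --propupd` is run on a system known to be clean. I would document that next to the changelog entry or in NEWS, e.g. `Default HASH_CMD is now sha256sum; after verifying the system, run 'rkhunter --propupd' to rebuild the properties database.`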
@@ -59,7 +86,7 @@ Last-Update: 2014-10-14
  #PKGMGR=NONE
  
  #
-@@ -574,7 +584,15 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -574,7 +584,14 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #
  # The default value is the null string.
  #
@@ -67,7 +94,6 @@ Last-Update: 2014-10-14
 +SCRIPTWHITELIST=/bin/egrep
 +SCRIPTWHITELIST=/bin/fgrep
 +SCRIPTWHITELIST=/bin/which
-+SCRIPTWHITELIST=/usr/bin/groups
 +SCRIPTWHITELIST=/usr/bin/ldd
 +SCRIPTWHITELIST=/usr/bin/lwp-request
 +SCRIPTWHITELIST=/usr/sbin/adduser
@@ -76,7 +102,7 @@ Last-Update: 2014-10-14
  
  #
  # Allow the specified file to have the immutable attribute set.
-@@ -602,9 +620,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -602,9 +619,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  # The default value is the null string.
  #
  #ALLOWHIDDENDIR=/etc/.java
@@ -87,11 +113,12 @@ Last-Update: 2014-10-14
  
  #
  # Allow the specified hidden file to be whitelisted.
-@@ -620,6 +636,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
+@@ -620,6 +635,11 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
  #ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
 +#ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++#ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz
 +#ALLOWHIDDENFILE=/etc/.gitignore
 +#ALLOWHIDDENFILE=/etc/.bzrignore
 +
@@ -104,7 +131,7 @@ Last-Update: 2014-10-14
  #ALLOWPROCDELFILE=/sbin/cardmgr
 +#ALLOWPROCDELFILE=/usr/lib/libgconf2-4/gconfd-2
  #ALLOWPROCDELFILE=/usr/sbin/mysqld:/tmp/ib*
-+#ALLOWPROCDELFILE=/usr/lib/iceweasel/firefox-bin
++#ALLOWPROCDELFILE=/usr/lib/iceweasel/iceweasel
 +#ALLOWPROCDELFILE=/usr/bin/file-roller
  
  #

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/rkhunter.git


