File rkhunter.spec of Package rkhunter

#
# spec file for package rkhunter
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2009-2010 by Sascha Manns <saigkill@opensuse.org>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#



Name:           rkhunter
Version:        1.3.8
Release:        1
License:        GPL v2 or later
Summary:        Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits
Url:            http://rkhunter.sourceforge.net/
Group:          System/Monitoring
Source0:        %{name}-%{version}.tar.bz2
Source2:        %{name}.sysconfig
Source3:        %{name}.cron
Source5:        %{name}-README.SuSE
Source6:        %{name}.logrotate
# PATCH-FIX-OPENSUSE -- saigkill@opensuse.org - Fix Pathes2
Patch0:         %{name}-installer-fix.patch
BuildRequires:  wget
PreReq:         %fillup_prereq
Requires:       bash
Requires:       cron
Requires:       findutils
Recommends:     logrotate
Recommends:     netcfg
Recommends:     wget
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
AutoReqProv:    no

%description
Rootkit Hunter scans files and systems for known and unknown rootkits,
backdoors, and sniffers.  The package contains one shell script, a few
text-based databases, and optional Perl modules. This tool scans for
rootkits, backdoors, and local exploits by running tests like:

* Comparing MD5 hashes

* Looking for default files used by rootkits

* Checking for wrong file permissions for binaries

* Looking for suspected strings in LKM and KLD modules

* Looking for hidden files

* Optionally scanning within plain text and binary files

* Checking software versions

* Testing applications

%prep
%setup -q
%patch0 -p0

%build
sed -e 's/\${MYDIR}\/lib/\%{_prefix}\/share/;' files/rkhunter >files/rkhunter.new
mv files/rkhunter.new files/rkhunter

%install
sh ./installer.sh --layout RPM --install
%{__install} -D -m640 %{SOURCE2} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name}
%{__install} -d %{buildroot}%{_docdir}/%{name}-%{version}
%{__install} -m644    %{SOURCE5} %{buildroot}%{_docdir}/%{name}-%{version}/README.SuSE
%{__install} -D -m640 %{SOURCE6} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
# Make a cron.daily file to mail us the reports
%{__install} -d %{buildroot}%{_sysconfdir}/cron.daily/
%{__install} -Dm750 %{SOURCE3} %{buildroot}%{_sysconfdir}/cron.daily/suse.de-%{name}
# adapt the default config for using in openSUSE
sed "s|^PREFIX*|PREFIX="%{_prefix}"|g; \
     s|^#SCRIPTDIR.*|SCRIPTDIR=%{_prefix}/lib/%{name}/scripts|g; \
     s|^#TMPDIR.*|TMPDIR=%{_var}/lib/rkhunter/tmp|g; \
     s|^#DBDIR.*|DBDIR=%{_var}/lib/rkhunter/db|g; \
     s|^APPEND_LOG=0|APPEND_LOG=1|g; \
     s|ALLOW_SSH_ROOT_USER=no|ALLOW_SSH_ROOT_USER=yes|g; \
     s|^#PKGMGR.*|PKGMGR=RPM|g; \
     s|^#ALLOWHIDDENDIR=%{_sysconfdir}/.java.*|ALLOWHIDDENDIR=%{_sysconfdir}/.java|g; \
     s|^#ALLOWHIDDENDIR=/dev/.udev.*|ALLOWHIDDENDIR=/dev/.udev|g; \
     s|^#ALLOWHIDDENFILE=%{_sysconfdir}/.pwd.lock.*|ALLOWHIDDENFILE=%{_sysconfdir}/.pwd.lock|g; \
     s|^#ALLOWDEVFILE=/dev/shm/pulse-shm-.*|ALLOWDEVFILE=/dev/shm/sysconfig/new-stamp-\*|g" \
     %{buildroot}%{_sysconfdir}/%{name}.conf > %{buildroot}%{_sysconfdir}/%{name}.conf.new
mv %{buildroot}%{_sysconfdir}/%{name}.conf.new %{buildroot}%{_sysconfdir}/%{name}.conf
for i in ifup-lo if-lo network config-lo new-stamp-2; do
        echo "ALLOWDEVFILE=/dev/shm/sysconfig/$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf
done
for i in $(seq 0 9); do
        echo "ALLOWDEVFILE=/dev/shm/sysconfig/ifup-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf
        echo "ALLOWDEVFILE=/dev/shm/sysconfig/if-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf
        echo "ALLOWDEVFILE=/dev/shm/sysconfig/config-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf
done
echo "ALLOWDEVFILE=/dev/shm/pulse-shm-*" >> %{buildroot}%{_sysconfdir}/%{name}.conf

# install ghost file
mkdir -p %{buildroot}%{_localstatedir}/log
touch %{buildroot}%{_localstatedir}/log/%{name}.log

# strip %#{_libdir}/%{name}/%{name}/plugins/*.so

%clean
[ %{buildroot} != "/" ] && [ -d %{buildroot} ] \
  && rm -rf %{buildroot}

%post
%{fillup_only}

%files
%defattr(644,root,root,755)
%doc %{_mandir}/man8/%{name}.8*
%doc %{_docdir}/%{name}-%{version}/ACKNOWLEDGMENTS
%doc %{_docdir}/%{name}-%{version}/CHANGELOG
%doc %{_docdir}/%{name}-%{version}/FAQ
%doc %{_docdir}/%{name}-%{version}/LICENSE
%doc %{_docdir}/%{name}-%{version}/README
%doc %{_docdir}/%{name}-%{version}/README.SuSE
%doc %{_docdir}/%{name}-%{version}
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/scripts
%dir %{_var}/lib/%{name}
%dir %{_var}/lib/%{name}/db
%dir %{_var}/lib/%{name}/db/i18n
%dir %{_var}/lib/%{name}/tmp
%defattr(640,root,root,-)
%config(noreplace) %{_sysconfdir}/%{name}.conf
%verify(not md5 size mtime) %{_var}/lib/%{name}/db/*.dat
%{_var}/lib/%{name}/db/i18n/*
%config(noreplace) %{_sysconfdir}/logrotate.d/rkhunter
%{_localstatedir}/adm/fillup-templates/sysconfig.%{name}
%ghost %verify(not md5 size mtime) %config(noreplace)%{_localstatedir}/log/%{name}.log
%defattr(750,root,root,-)
%{_bindir}/%{name}
%{_sysconfdir}/cron.daily/suse.de-%{name}
%{_libdir}/%{name}/scripts/*.pl
%{_libdir}/%{name}/scripts/*.sh

%changelog