'kevin pushed to rkhunter (f24). "Add /dev/shm/qb* files to whitelist. Fixes bug #1403602 (..more)"'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-extras-commits
Subject:    kevin pushed to rkhunter (f24). "Add /dev/shm/qb* files to whitelist. Fixes bug #1403602 (..more)"
From:       notifications () fedoraproject ! org
Date:       2017-06-30 21:18:00
Message-ID: 20170630211800.BFE2C6069A72 () bastion01 ! phx2 ! fedoraproject ! org
[Download RAW message or body]

From a9f29504934919cedf2df6b864a51f6e1e594648 Mon Sep 17 00:00:00 2001
From: Mukundan Ragavan <nonamedotc@gmail.com>
Date: Wed, 25 Jan 2017 21:11:04 -0500
Subject: Add /dev/shm/qb* files to whitelist. Fixes bug #1403602 Add
 /dev/shm/squid-ssl_session_cache.shm to whitelist. Fixes bug #1411130

---
 rkhunter-1.4.2-fedoraconfig.patch | 28 +++++++++++++++++++++-------
 rkhunter.spec                     |  6 +++++-
 2 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/rkhunter-1.4.2-fedoraconfig.patch b/rkhunter-1.4.2-fedoraconfig.patch
index e3fa72d..9b86c3d 100644
--- a/rkhunter-1.4.2-fedoraconfig.patch
+++ b/rkhunter-1.4.2-fedoraconfig.patch
@@ -1,6 +1,5 @@
-diff -Nur rkhunter-1.4.2.orig/files/rkhunter.conf rkhunter-1.4.2/files/rkhunter.conf
---- rkhunter-1.4.2.orig/files/rkhunter.conf	2014-01-25 14:29:51.000000000 -0700
-+++ rkhunter-1.4.2/files/rkhunter.conf	2016-04-20 09:43:32.059538092 -0600
+--- rkhunter-1.4.2.orig/files/rkhunter.conf	2017-01-25 21:03:14.142522097 -0500
++++ rkhunter-1.4.2/files/rkhunter.conf	2017-01-25 21:05:50.114146953 -0500
 @@ -155,6 +155,7 @@
  # default directory beneath the installation directory.
  #
@@ -125,7 +124,7 @@ diff -Nur rkhunter-1.4.2.orig/files/rkhunter.conf \
rkhunter-1.4.2/files/rkhunter.  
  #
  # Allow the specified hidden file to be whitelisted.
-@@ -620,6 +654,32 @@
+@@ -620,6 +654,45 @@
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha1hmac.hmac
  #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
  #ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
@@ -155,10 +154,23 @@ diff -Nur rkhunter-1.4.2.orig/files/rkhunter.conf \
rkhunter-1.4.2/files/rkhunter.  +ALLOWHIDDENFILE=/etc/.bzrignore
 +# systemd
 +ALLOWHIDDENFILE=/etc/.updated
++
++
++# Allow PCS/Pacemaker/Corosync
++ALLOWDEVFILE=/dev/shm/qb-attrd-*
++ALLOWDEVFILE=/dev/shm/qb-cfg-*
++ALLOWDEVFILE=/dev/shm/qb-cib_rw-*
++ALLOWDEVFILE=/dev/shm/qb-cib_shm-*
++ALLOWDEVFILE=/dev/shm/qb-corosync-*
++ALLOWDEVFILE=/dev/shm/qb-cpg-*
++ALLOWDEVFILE=/dev/shm/qb-lrmd-*
++ALLOWDEVFILE=/dev/shm/qb-pengine-*
++ALLOWDEVFILE=/dev/shm/qb-quorum-*
++ALLOWDEVFILE=/dev/shm/qb-stonith-*
  
  #
  # Allow the specified process to use deleted files. The process name may be
-@@ -681,6 +741,22 @@
+@@ -681,6 +754,24 @@
  #
  #ALLOWDEVFILE=/dev/shm/pulse-shm-*
  #ALLOWDEVFILE=/dev/shm/sem.ADBE_*
@@ -176,12 +188,14 @@ diff -Nur rkhunter-1.4.2.orig/files/rkhunter.conf \
rkhunter-1.4.2/files/rkhunter.  +ALLOWDEVFILE=/dev/shm/sem.slapd-*.stats
 +# squid proxy
 +ALLOWDEVFILE=/dev/shm/squid-cf*
++# squid ssl cache
++ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm
 +# allow lldpad state file
 +ALLOWDEVFILE=/dev/shm/lldpad.state
  
  #
  # This option is used to indicate if the Phalanx2 test is to perform a basic
-@@ -1004,6 +1080,11 @@
+@@ -1004,6 +1095,11 @@
  #
  #RTKT_DIR_WHITELIST=""
  #RTKT_FILE_WHITELIST=""
@@ -193,7 +207,7 @@ diff -Nur rkhunter-1.4.2.orig/files/rkhunter.conf \
rkhunter-1.4.2/files/rkhunter.  
  #
  # The following option can be used to whitelist shared library files that would
-@@ -1222,3 +1303,5 @@
+@@ -1222,3 +1318,5 @@
  #
  #EMPTY_LOGFILES=""
  #MISSING_LOGFILES=""
diff --git a/rkhunter.spec b/rkhunter.spec
index 3a88ef4..c127f6c 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -3,7 +3,7 @@
 
 Name:           rkhunter
 Version:        1.4.2
-Release:        11%{?dist}
+Release:        12%{?dist}
 Summary:        A host-based tool to scan for rootkits, backdoors and local exploits
 
 Group:          Applications/System
@@ -111,6 +111,10 @@ EOF
 %{_mandir}/man8/*
 
 %changelog
+* Wed Jan 25 2017 Mukundan Ragavan <nonamedotc@fedoraproject.org> - 1.4.2-12
+- Add /dev/shm/qb* files to whitelist. Fixes bug #1403602
+- Add /dev/shm/squid-ssl_session_cache.shm to whitelist. Fixes bug #1411130
+
 * Wed Apr 20 2016 Kevin Fenzi <kevin@scrye.com> - 1.4.2-11
 - Add /dev/shm/lldpad files to whitelist. Fixes bug #1293059
 
-- 
cgit v1.1


	https://src.fedoraproject.org/cgit/rkhunter.git/commit/?h=f24&id=a9f29504934919cedf2df6b864a51f6e1e594648
 _______________________________________________
scm-commits mailing list -- scm-commits@lists.fedoraproject.org
To unsubscribe send an email to scm-commits-leave@lists.fedoraproject.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic