Changeset View
Changeset View
Standalone View
Standalone View
security/rkhunter/files/patch-files_rkhunter.conf
- This file was added.
Property | Old Value | New Value |
---|---|---|
fbsd:nokeywords | null | yes \ No newline at end of property |
svn:eol-style | null | native \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
--- files/rkhunter.conf.orig 2014-01-25 21:29:51 UTC | |||||
+++ files/rkhunter.conf | |||||
@@ -154,7 +154,7 @@ | |||||
# subsequently commented out or removed, then the program will assume a | |||||
# default directory beneath the installation directory. | |||||
# | |||||
-#TMPDIR=/var/lib/rkhunter/tmp | |||||
+TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp | |||||
# | |||||
# This option specifies the database directory to use. | |||||
@@ -163,7 +163,7 @@ | |||||
# subsequently commented out or removed, then the program will assume a | |||||
# default directory beneath the installation directory. | |||||
# | |||||
-#DBDIR=/var/lib/rkhunter/db | |||||
+DBDIR=RKHPREFIX/var/lib/rkhunter/db | |||||
# | |||||
# This option specifies the script directory to use. | |||||
@@ -171,7 +171,7 @@ | |||||
# The installer program will set the default directory. If this default is | |||||
# subsequently commented out or removed, then the program will not run. | |||||
# | |||||
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts | |||||
+SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts | |||||
# | |||||
# This option can be used to modify the command directory list used by rkhunter | |||||
@@ -303,7 +303,7 @@ AUTO_X_DETECT=1 | |||||
# | |||||
# The default value is 'no'. | |||||
# | |||||
-#ALLOW_SSH_ROOT_USER=no | |||||
+ALLOW_SSH_ROOT_USER=unset | |||||
# | |||||
# Set this option to '1' to allow the use of the SSH-1 protocol, but note | |||||
@@ -317,7 +317,7 @@ AUTO_X_DETECT=1 | |||||
# | |||||
# The default value is '0'. | |||||
# | |||||
-#ALLOW_SSH_PROT_V1=0 | |||||
+ALLOW_SSH_PROT_V1=2 | |||||
# | |||||
# This setting tells rkhunter the directory containing the SSH configuration | |||||
@@ -575,6 +575,8 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
# The default value is the null string. | |||||
# | |||||
#SCRIPTWHITELIST=/usr/bin/groups | |||||
+SCRIPTWHITELIST=/usr/bin/whatis | |||||
+SCRIPTWHITELIST=/usr/sbin/adduser | |||||
# | |||||
# Allow the specified file to have the immutable attribute set. | |||||
@@ -584,6 +586,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
# The default value is the null string. | |||||
# | |||||
#IMMUTWHITELIST=/sbin/ifdown | |||||
+IMMUTWHITELIST=/usr/bin/login | |||||
+IMMUTWHITELIST=/usr/bin/passwd | |||||
+IMMUTWHITELIST=/usr/bin/su | |||||
+IMMUTWHITELIST=/sbin/init | |||||
# | |||||
# If this option is set to '1', then the immutable-bit test is reversed. That | |||||
@@ -787,6 +793,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
# The default value is the null string. | |||||
# | |||||
#UID0_ACCOUNTS=toor rooty | |||||
+UID0_ACCOUNTS=toor | |||||
# | |||||
# This option allows the specified accounts to have no password. NIS/YP entries | |||||
@@ -1222,3 +1229,6 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
# | |||||
#EMPTY_LOGFILES="" | |||||
#MISSING_LOGFILES="" | |||||
+ | |||||
+INSTALLDIR=RKHPREFIX | |||||
+USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf |