Changeset View
Changeset View
Standalone View
Standalone View
security/rkhunter/files/patch-files_rkhunter.conf
- This file was added.
| Property | Old Value | New Value |
|---|---|---|
| fbsd:nokeywords | null | yes \ No newline at end of property |
| svn:eol-style | null | native \ No newline at end of property |
| svn:mime-type | null | text/plain \ No newline at end of property |
| --- files/rkhunter.conf.orig 2014-01-25 21:29:51 UTC | |||||
| +++ files/rkhunter.conf | |||||
| @@ -154,7 +154,7 @@ | |||||
| # subsequently commented out or removed, then the program will assume a | |||||
| # default directory beneath the installation directory. | |||||
| # | |||||
| -#TMPDIR=/var/lib/rkhunter/tmp | |||||
| +TMPDIR=RKHPREFIX/var/lib/rkhunter/tmp | |||||
| # | |||||
| # This option specifies the database directory to use. | |||||
| @@ -163,7 +163,7 @@ | |||||
| # subsequently commented out or removed, then the program will assume a | |||||
| # default directory beneath the installation directory. | |||||
| # | |||||
| -#DBDIR=/var/lib/rkhunter/db | |||||
| +DBDIR=RKHPREFIX/var/lib/rkhunter/db | |||||
| # | |||||
| # This option specifies the script directory to use. | |||||
| @@ -171,7 +171,7 @@ | |||||
| # The installer program will set the default directory. If this default is | |||||
| # subsequently commented out or removed, then the program will not run. | |||||
| # | |||||
| -#SCRIPTDIR=/usr/local/lib/rkhunter/scripts | |||||
| +SCRIPTDIR=RKHPREFIX/lib/rkhunter/scripts | |||||
| # | |||||
| # This option can be used to modify the command directory list used by rkhunter | |||||
| @@ -303,7 +303,7 @@ AUTO_X_DETECT=1 | |||||
| # | |||||
| # The default value is 'no'. | |||||
| # | |||||
| -#ALLOW_SSH_ROOT_USER=no | |||||
| +ALLOW_SSH_ROOT_USER=unset | |||||
| # | |||||
| # Set this option to '1' to allow the use of the SSH-1 protocol, but note | |||||
| @@ -317,7 +317,7 @@ AUTO_X_DETECT=1 | |||||
| # | |||||
| # The default value is '0'. | |||||
| # | |||||
| -#ALLOW_SSH_PROT_V1=0 | |||||
| +ALLOW_SSH_PROT_V1=2 | |||||
| # | |||||
| # This setting tells rkhunter the directory containing the SSH configuration | |||||
| @@ -575,6 +575,8 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
| # The default value is the null string. | |||||
| # | |||||
| #SCRIPTWHITELIST=/usr/bin/groups | |||||
| +SCRIPTWHITELIST=/usr/bin/whatis | |||||
| +SCRIPTWHITELIST=/usr/sbin/adduser | |||||
| # | |||||
| # Allow the specified file to have the immutable attribute set. | |||||
| @@ -584,6 +586,10 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
| # The default value is the null string. | |||||
| # | |||||
| #IMMUTWHITELIST=/sbin/ifdown | |||||
| +IMMUTWHITELIST=/usr/bin/login | |||||
| +IMMUTWHITELIST=/usr/bin/passwd | |||||
| +IMMUTWHITELIST=/usr/bin/su | |||||
| +IMMUTWHITELIST=/sbin/init | |||||
| # | |||||
| # If this option is set to '1', then the immutable-bit test is reversed. That | |||||
| @@ -787,6 +793,7 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
| # The default value is the null string. | |||||
| # | |||||
| #UID0_ACCOUNTS=toor rooty | |||||
| +UID0_ACCOUNTS=toor | |||||
| # | |||||
| # This option allows the specified accounts to have no password. NIS/YP entries | |||||
| @@ -1222,3 +1229,6 @@ DISABLE_TESTS=suspscan hidden_ports hidden_procs delet | |||||
| # | |||||
| #EMPTY_LOGFILES="" | |||||
| #MISSING_LOGFILES="" | |||||
| + | |||||
| +INSTALLDIR=RKHPREFIX | |||||
| +USER_FILEPROP_FILES_DIRS=RKHPREFIX/etc/rkhunter.conf | |||||