Moved from app-admin/rkhunter to app-forensics/rkhunter.

11 files changed, 407 insertions, 0 deletions

diff --git a/app-forensics/rkhunter/ChangeLog b/app-forensics/rkhunter/ChangeLog
new file mode 100644
index 000000000000..71b20da22b61
--- /dev/null
+++ b/app-forensics/rkhunter/ChangeLog
@@ -0,0 +1,90 @@
+# ChangeLog for app-admin/rkhunter
+# Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/ChangeLog,v 1.1 2004/09/12 07:04:48 dragonheart Exp $
+
+*rkhunter-1.1.6 (12 Sep 2004)
+
+  12 Sep 2004; Daniel Black <dragonheart@gentoo.org> +metadata.xml,
+  +files/rkhunter.bash-completion, +files/rkhunter.cron,
+  +rkhunter-1.1.5.ebuild, +rkhunter-1.1.6.ebuild, +rkhunter-1.1.7.ebuild:
+  Moved from app-admin/rkhunter to app-forensics/rkhunter.
+
+  11 Sep 2004; Aaron Walker <ka0ttic@gentoo.org>
+  +files/rkhunter.bash-completion, rkhunter-1.1.7.ebuild:
+  Added bash-completion script (please test).
+
+  11 Sep 2004; Aaron Walker <ka0ttic@gentoo.org> metadata.xml:
+  Updated metadata info.
+
+*rkhunter-1.1.7 (29 Aug 2004)
+
+  29 Aug 2004; <solar@gentoo.org> +rkhunter-1.1.7.ebuild:
+  version bump
+
+*rkhunter-1.1.6 (19 Aug 2004)
+
+  19 Aug 2004; <solar@gentoo.org> -rkhunter-1.1.3.ebuild,
+  -rkhunter-1.1.4.ebuild, +rkhunter-1.1.6.ebuild:
+  version bump
+
+  17 Aug 2004; <solar@gentoo.org> files/rkhunter.cron, rkhunter-1.1.4.ebuild,
+  rkhunter-1.1.5.ebuild:
+  marked 1.1.5 stable on x86
+
+  15 Aug 2004; <solar@gentoo.org> rkhunter-1.1.5.ebuild:
+  added doexe check_update.sh bug 60387
+
+*rkhunter-1.1.5 (11 Aug 2004)
+
+  11 Aug 2004; <solar@gentoo.org> rkhunter-1.1.2.ebuild,
+  rkhunter-1.1.4.ebuild, rkhunter-1.1.5.ebuild:
+  This release has the Ni0 Rootkit detection support, some small fixes, and a
+  few new tests. It also fixes the xinetd.conf false positive, and has an
+  improved application version checker and updated databases.
+
+*rkhunter-1.1.4 (07 Aug 2004)
+
+  07 Aug 2004; <solar@gentoo.org> rkhunter-1.1.4.ebuild:
+  version bump
+
+  24 Jul 2004; Bryan Østergaard <kloeri@gentoo.org> rkhunter-1.1.2.ebuild:
+  Stable on alpha.
+
+  24 Jul 2004; <solar@gentoo.org> rkhunter-1.1.3.ebuild, files/rkhunter.cron:
+  add support for rkhunter automation thanks to Aaron Walker bug 57829
+
+*rkhunter-1.1.3 (23 Jul 2004)
+
+  23 Jul 2004; <solar@gentoo.org> rkhunter-1.0.9.ebuild,
+  rkhunter-1.1.1.ebuild, rkhunter-1.1.2.ebuild, rkhunter-1.1.3.ebuild:
+  version bump, removed older ebuilds and marked 1.1.1 as stable on x86
+
+*rkhunter-1.1.2 (14 Jul 2004)
+
+  14 Jul 2004; <solar@gentoo.org> rkhunter-1.1.2.ebuild:
+  version bump
+
+*rkhunter-1.1.1 (08 Jul 2004)
+
+  08 Jul 2004; <solar@gentoo.org> rkhunter-1.0.9.ebuild,
+  rkhunter-1.1.1.ebuild:
+  version bump
+
+  30 May 2004; Jason Wever <weeve@gentoo.org> rkhunter-1.0.9.ebuild:
+  Added ~sparc keyword.
+
+  30 May 2004; Danny van Dyk <kugelfang@gentoo.org> rkhunter-1.0.9.ebuild:
+  Marked ~amd64.
+
+  30 May 2004; Bryan Østergaard <kloeri@gentoo.org> rkhunter-1.0.9.ebuild:
+  Keyworded ~alpha.
+
+*rkhunter-1.0.9 (30 May 2004)
+
+  30 May 2004; David Holm <dholm@gentoo.org> rkhunter-1.0.9.ebuild:
+  Added to ~ppc.
+
+  30 May 2004; <solar@gentoo.org> :
+  Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers.
+  Bugzilla Bug 47781 - Initial commit
+
diff --git a/app-forensics/rkhunter/Manifest b/app-forensics/rkhunter/Manifest
new file mode 100644
index 000000000000..adde08b55a14
--- /dev/null
+++ b/app-forensics/rkhunter/Manifest
@@ -0,0 +1,20 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+MD5 7a051f6bf6c49fa77c097262416f55c5 rkhunter-1.1.5.ebuild 1332
+MD5 856b44cc3331c42a3c694695b4fa1de0 rkhunter-1.1.7.ebuild 1613
+MD5 14705fc0a0b9a58e3b62a4f8bf3d6781 rkhunter-1.1.6.ebuild 1333
+MD5 28aa50ba2347f6db87dfb98b8d248f29 ChangeLog 2665
+MD5 99d3c59f680729e17f4576a845aaa6a0 metadata.xml 262
+MD5 bbe8224c46ee3ddd8cea79ed4b817ae4 files/rkhunter.cron 1035
+MD5 6ffd297b11dded42095078ef68ef2fb9 files/rkhunter.bash-completion 2529
+MD5 2d65b1e87551b85f4cec0a1743734469 files/digest-rkhunter-1.1.5 66
+MD5 c183749d28050849a426ebbbbb2523a5 files/digest-rkhunter-1.1.6 66
+MD5 011c5df2094bff6d80ce80a90e530bb6 files/digest-rkhunter-1.1.7 66
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.6 (GNU/Linux)
+
+iD8DBQFBQ7uHEZCkKN40op4RAuaUAKCHnOm4jiserdmHW1gGUVe1+fd2tQCgnGbI
+y5yeiqFzwf+ri8MRL0KK32E=
+=H7VT
+-----END PGP SIGNATURE-----
diff --git a/app-forensics/rkhunter/files/digest-rkhunter-1.1.5 b/app-forensics/rkhunter/files/digest-rkhunter-1.1.5
new file mode 100644
index 000000000000..7b508d02dfa2
--- /dev/null
+++ b/app-forensics/rkhunter/files/digest-rkhunter-1.1.5
@@ -0,0 +1 @@
+MD5 750df8c8ab7855bc81ba10504694a33a rkhunter-1.1.5.tar.gz 103822
diff --git a/app-forensics/rkhunter/files/digest-rkhunter-1.1.6 b/app-forensics/rkhunter/files/digest-rkhunter-1.1.6
new file mode 100644
index 000000000000..73a01c940470
--- /dev/null
+++ b/app-forensics/rkhunter/files/digest-rkhunter-1.1.6
@@ -0,0 +1 @@
+MD5 c8b8aaad07a0f440bc1af5d097ce550c rkhunter-1.1.6.tar.gz 105701
diff --git a/app-forensics/rkhunter/files/digest-rkhunter-1.1.7 b/app-forensics/rkhunter/files/digest-rkhunter-1.1.7
new file mode 100644
index 000000000000..6ed9ef9f1998
--- /dev/null
+++ b/app-forensics/rkhunter/files/digest-rkhunter-1.1.7
@@ -0,0 +1 @@
+MD5 95e8eeb46f0f2cd928180ac9cfb2dbb0 rkhunter-1.1.7.tar.gz 108223
diff --git a/app-forensics/rkhunter/files/rkhunter.bash-completion b/app-forensics/rkhunter/files/rkhunter.bash-completion
new file mode 100644
index 000000000000..cab2a3067afd
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter.bash-completion
@@ -0,0 +1,87 @@
+# bash-completion script for rkhunter
+# place this file in /etc/bash_completion.d
+
+_rkhunter() {
+	local cur prev opts
+	COMPREPLY=()
+	cur=${COMP_WORDS[COMP_CWORD]}
+	prev=${COMP_WORDS[COMP_CWORD-1]}
+	opts="-c --checkall --createlogfile --cronjob --display-logfile -h --help\
+		 --nocolors --report-mode --report-warnings-only \
+		 --skip-application-check --skip-keypress --quick --quiet --update \
+		 --version --versioncheck --bindir --configfile --dbdir --rootdir \
+		 --tmpdir --disable-md5-check --disable-passwd-check \
+		 --scan-knownbad-files" 
+
+	if [[ "${cur}" == -* ]] || [[ ${COMP_CWORD} -eq 1 ]]; then
+		COMPREPLY=($(compgen -W "${opts}" -- "${cur}"))
+	fi
+
+	case "${prev}" in
+		--createlogfile)
+			COMPREPLY=($(compgen -W "${opts/--createlogfile}" -- "${cur}"))
+			;;
+		--display-logfile)
+			COMPREPLY=($(compgen -W "${opts/--display-logfile}" -- "${cur}"))
+			;;
+		--*dir)	
+			COMPREPLY=($(compgen -o dirnames -A directory -- "${cur}"))
+			;;
+		--*file)
+			COMPREPLY=($(compgen -o filenames -A file -- "${cur}"))
+			;;
+		-c|--checkall)
+			COMPREPLY=($(compgen -W "${opts/-c --checkall}" -- "${cur}"))
+			;;
+		--cronjob)
+			COMPREPLY=($(compgen -W "${opts/--cronjob}" -- "${cur}"))
+			;;
+		-h|--help)
+			COMPREPLY=($(compgen -W "${opts/-h --help}" -- "${cur}"))
+			;;
+		--nocolors)
+			COMPREPLY=($(compgen -W "${opts/--nocolors}" -- "${cur}"))
+			;;
+		--report-mode)
+			COMPREPLY=($(compgen -W "${opts/--report-mode}" -- "${cur}"))
+			;;
+		--report-warnings-only)
+			COMPREPLY=($(compgen -W "${opts/--report-warnings-only}" -- \
+				"${cur}"))
+			;;
+		--skip-application-check)
+			COMPREPLY=($(compgen -W "${opts/--skip-application-check}" -- \
+				"${cur}"))
+			;;
+		--skip-keypress)
+			COMPREPLY=($(compgen -W "${opts/--skip-keypress}" -- "${cur}"))
+			;;
+		--quick)
+			COMPREPLY=($(compgen -W "${opts/--quick}" -- "${cur}"))
+			;;
+		--quiet)
+			COMPREPLY=($(compgen -W "${opts/--quiet}" -- "${cur}"))
+			;;
+		--update)
+			COMPREPLY=($(compgen -W "${opts/--update}" -- "${cur}"))
+			;;
+		--version)
+			COMPREPLY=($(compgen -W "${opts/--version}" -- "${cur}"))
+			;;
+		--versioncheck)
+			COMPREPLY=($(compgen -W "${opts/--versioncheck}" -- "${cur}"))
+			;;
+		--disable-md5-check)
+			COMPREPLY=($(compgen -W "${opts/--disable-md5-check}" -- "${cur}"))
+			;;
+		--disable-passwd-check)
+			COMPREPLY=($(compgen -W "${opts/--disable-passwd-check}" -- \
+				"${cur}"))
+			;;
+		--scan-knownbad-files)
+			COMPREPLY=($(compgen -W "${opts/--scan-knownbad-files}" -- \
+				"${cur}"))
+			;;
+	esac
+}
+complete -F _rkhunter rkhunter
diff --git a/app-forensics/rkhunter/files/rkhunter.cron b/app-forensics/rkhunter/files/rkhunter.cron
new file mode 100644
index 000000000000..33e57d608914
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter.cron
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+### Begin Configuration ###
+
+# set this to 'yes' to enable
+ENABLE=no
+
+RKHUNTER_EXEC="/usr/bin/rkhunter"
+RKHUNTER_OPTS="--checkall --cronjob --skip-keypress"
+
+# set to 'yes' if you wish the output to be mailed to you
+SEND_EMAIL=no
+
+# NOTE: the rest of these options are only relevant 
+# if you set SEND_EMAIL to 'yes'
+
+EMAIL_SUBJECT="${HOSTNAME}: rkhunter output"
+EMAIL_RECIPIENT=root
+EMAIL_CMD="| mail -s \"${EMAIL_SUBJECT}\" ${EMAIL_RECIPIENT}"
+
+# set to 1 to recieve only warnings & errors
+# set to 2 to recieve ALL rkhunter output
+# set to 3 to recieve rkhunter report
+EMAIL_VERBOSITY=3
+
+### End Configuration ###
+
+if [ "${ENABLE}" = "yes" ]; then
+	CMD="${RKHUNTER_EXEC} ${RKHUNTER_OPTS}"
+
+	if [ "${SEND_EMAIL}" = "yes" ]; then
+		if [ "${EMAIL_VERBOSITY}" -eq 1 ]; then
+			CMD="${CMD} --quiet ${EMAIL_CMD}"
+		elif [ "${EMAIL_VERBOSITY}" -eq 2 ]; then
+			CMD="${CMD} ${EMAIL_CMD}"
+		else # default to report-mode
+			CMD="${CMD} --report-mode ${EMAIL_CMD}"
+		fi
+	else
+		CMD="${CMD} &>/dev/null"
+	fi
+
+	eval exec "${CMD}"
+fi
diff --git a/app-forensics/rkhunter/metadata.xml b/app-forensics/rkhunter/metadata.xml
new file mode 100644
index 000000000000..522df7907b26
--- /dev/null
+++ b/app-forensics/rkhunter/metadata.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>no-herd</herd>
+  <maintainer>
+    <email>ka0ttic@gentoo.org</email>
+    <name>Aaron Walker</name>
+   </maintainer>
+</pkgmetadata>
diff --git a/app-forensics/rkhunter/rkhunter-1.1.5.ebuild b/app-forensics/rkhunter/rkhunter-1.1.5.ebuild
new file mode 100644
index 000000000000..045dfb10ae5b
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.1.5.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/rkhunter-1.1.5.ebuild,v 1.1 2004/09/12 07:04:48 dragonheart Exp $
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers."
+HOMEPAGE="http://www.rootkit.nl/"
+SRC_URI="http://downloads.rootkit.nl/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86 ~ppc ~alpha ~amd64 ~sparc"
+IUSE=""
+S=${WORKDIR}/${PN}
+DEPEND="app-arch/tar
+	app-arch/gzip
+	virtual/mta"
+RDEPEND="app-shells/bash
+	dev-lang/perl"
+
+src_install() {
+	cd ${S}/files
+	dodir /usr/lib/rkhunter
+	dodir /usr/lib/rkhunter/db
+	insinto /usr/lib/rkhunter/db
+	doins *.dat
+	dodir /usr/lib/rkhunter/scripts
+	exeinto /usr/lib/rkhunter/scripts
+	doexe *.pl check_update.sh
+	insinto /etc
+	doins rkhunter.conf
+	dosed "s:#DBDIR=/usr/local/rkhunter/db:DBDIR=/usr/lib/rkhunter/db\nINSTALLDIR=/usr:g" /etc/rkhunter.conf
+	exeinto /usr/bin
+	doexe rkhunter
+	dodoc CHANGELOG LICENSE README WISHLIST
+
+	exeinto /etc/cron.daily
+	newexe ${FILESDIR}/rkhunter.cron rkhunter
+}
+
+pkg_postinst() {
+	echo
+	einfo "A cron script has been installed to /etc/cron.daily/rkhunter."
+	einfo "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+	einfo "directions."
+	echo
+}
+
+pkg_prerm() {
+	rm -rf /usr/lib/rkhunter/tmp
+}
diff --git a/app-forensics/rkhunter/rkhunter-1.1.6.ebuild b/app-forensics/rkhunter/rkhunter-1.1.6.ebuild
new file mode 100644
index 000000000000..23f35efb90c9
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.1.6.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/rkhunter-1.1.6.ebuild,v 1.1 2004/09/12 07:04:48 dragonheart Exp $
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers."
+HOMEPAGE="http://www.rootkit.nl/"
+SRC_URI="http://downloads.rootkit.nl/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~alpha ~amd64 ~sparc"
+IUSE=""
+S=${WORKDIR}/${PN}
+DEPEND="app-arch/tar
+	app-arch/gzip
+	virtual/mta"
+RDEPEND="app-shells/bash
+	dev-lang/perl"
+
+src_install() {
+	cd ${S}/files
+	dodir /usr/lib/rkhunter
+	dodir /usr/lib/rkhunter/db
+	insinto /usr/lib/rkhunter/db
+	doins *.dat
+	dodir /usr/lib/rkhunter/scripts
+	exeinto /usr/lib/rkhunter/scripts
+	doexe *.pl check_update.sh
+	insinto /etc
+	doins rkhunter.conf
+	dosed "s:#DBDIR=/usr/local/rkhunter/db:DBDIR=/usr/lib/rkhunter/db\nINSTALLDIR=/usr:g" /etc/rkhunter.conf
+	exeinto /usr/bin
+	doexe rkhunter
+	dodoc CHANGELOG LICENSE README WISHLIST
+
+	exeinto /etc/cron.daily
+	newexe ${FILESDIR}/rkhunter.cron rkhunter
+}
+
+pkg_postinst() {
+	echo
+	einfo "A cron script has been installed to /etc/cron.daily/rkhunter."
+	einfo "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+	einfo "directions."
+	echo
+}
+
+pkg_prerm() {
+	rm -rf /usr/lib/rkhunter/tmp
+}
diff --git a/app-forensics/rkhunter/rkhunter-1.1.7.ebuild b/app-forensics/rkhunter/rkhunter-1.1.7.ebuild
new file mode 100644
index 000000000000..5f0e7aeab87a
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.1.7.ebuild
@@ -0,0 +1,56 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/rkhunter-1.1.7.ebuild,v 1.1 2004/09/12 07:04:48 dragonheart Exp $
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers."
+HOMEPAGE="http://www.rootkit.nl/"
+SRC_URI="http://downloads.rootkit.nl/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~alpha ~amd64 ~sparc"
+IUSE=""
+S=${WORKDIR}/${PN}
+DEPEND="app-arch/tar
+	app-arch/gzip
+	virtual/mta"
+RDEPEND="app-shells/bash
+	dev-lang/perl"
+
+src_install() {
+	cd ${S}/files
+	dodir /usr/lib/rkhunter
+	dodir /usr/lib/rkhunter/db
+	insinto /usr/lib/rkhunter/db
+	doins *.dat
+	dodir /usr/lib/rkhunter/scripts
+	exeinto /usr/lib/rkhunter/scripts
+	doexe *.pl check_update.sh
+	insinto /etc
+	doins rkhunter.conf
+	dosed "s:#DBDIR=/usr/local/rkhunter/db:DBDIR=/usr/lib/rkhunter/db\nINSTALLDIR=/usr:g" /etc/rkhunter.conf
+	exeinto /usr/bin
+	doexe rkhunter
+	dodoc CHANGELOG LICENSE README WISHLIST
+
+	exeinto /etc/cron.daily
+	newexe ${FILESDIR}/rkhunter.cron rkhunter
+
+	insinto /usr/share/bash-completion
+	newins ${FILESDIR}/${PN}.bash-completion ${PN}
+}
+
+pkg_postinst() {
+	echo
+	einfo "A cron script has been installed to /etc/cron.daily/rkhunter."
+	einfo "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+	einfo "directions."
+	echo
+	einfo "To enable bash command-line completion for rkhunter, execute"
+	einfo "the following command as root:"
+	einfo "  ln -s /usr/share/bash-completion/rkhunter /etc/bash_completion.d/"
+	echo
+}
+
+pkg_prerm() {
+	rm -rf /usr/lib/rkhunter/tmp
+}