Spec URL: http://www.scrye.com/~kevin/fedora/rkhunter/rkhunter.spec SRPM URL: http://www.scrye.com/~kevin/fedora/rkhunter/rkhunter-1.3.0-1.fc9.src.rpm Description: Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools. This is a re-review of this package, as it's been orphaned for quite some time, and I wish to revive it. I have simplified the old spec a great deal and updated it to the latest version. This version does not ship the perl scripts for sha1/md5 summing, instead using installed executables, or nothing if they are not installed. Happy to take input on how better to handle this. There is also a (rather large) diff against the last spec in cvs at: http://www.scrye.com/~kevin/fedora/rkhunter/old-spec.diff
Yay security packages. Builds on development and runs. rpmlint: rkhunter.noarch: E: non-readable /etc/rkhunter.conf 0640 rkhunter.noarch: E: non-readable /etc/sysconfig/rkhunter 0640 Fine, don't let the bad guys read rkhunter config rkhunter.noarch: W: non-standard-dir-in-var rkhunter rkhunter.src: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 30) Allow. rkhunter.src: W: strange-permission 01-rkhunter 0755 A script, ignore. License good, GPLv2+ Source matches Is noarch Follows naming guidelines Proper use of macros %files section proper permissions, ownership The perl scripts in the spec are a bit hard to read, but their configuration purpose is clear. As to perl scripts for sha1/md5 I agree system executables should be used. In a rootkit detection situation you may not be able to trust them, which is the only case I would find those useful. If that's the case I doubt rkhunter would be much help, as perl and the system is probably untrustworthy anyway. Feel free to continue to not include them. I see cron is using the --update flag. Applying updates will make the db show up on rpm verification as changed. This might bother the worried user running rpm -V that their rkhunter is compromised. I don't see any other way of keeping it updated in between major releases. Package itself is fine. APPROVED
Thanks for the quick review! Package Name: rkhunter Short Description: A host-based tool to scan for rootkits, backdoors and local exploits Owners: kevin,devrim Branches: F-8 F-7 InitialCC: Cvsextras Commits: yes
cvs done.
rkhunter-1.3.2-1.fc8 has been submitted as an update for Fedora 8
rkhunter-1.3.2-1.fc7 has been submitted as an update for Fedora 7
rkhunter-1.3.2-1.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update rkhunter'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-2199
rkhunter-1.3.2-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
rkhunter-1.3.2-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
can this bug be closed or are you tracking to get update into rawhide?
Nope, we can close it now.