diff options
| author | Helge Oldach <freebsd@oldach.net> | 2023-07-27 06:42:27 +0000 |
|---|---|---|
| committer | Fernando ApesteguĂa <fernape@FreeBSD.org> | 2023-07-28 06:31:32 +0000 |
| commit | c85caa3933d08274a9ba9b1be16ee8af5583b99a (patch) | |
| tree | 40ea0d21cdb8ac4630eff79b13b81d4b7520f2fe | |
| parent | 467da2633e193d0fedeba47fe0ae8249399089be (diff) | |
| download | ports-c85caa3933d08274a9ba9b1be16ee8af5583b99a.tar.gz ports-c85caa3933d08274a9ba9b1be16ee8af5583b99a.zip | |
security/rkhunter: Modernize and correct the periodic script
Modernize the script but use a compatibility shim to maintain previous
variables.
PR: 272516
Reported by: freebsd@oldach.net
Approved by: lukasz@wasikowski.net (maintainer)
| -rw-r--r-- | security/rkhunter/Makefile | 2 | ||||
| -rw-r--r-- | security/rkhunter/files/415.rkhunter.in | 67 | ||||
| -rw-r--r-- | security/rkhunter/pkg-message | 10 |
3 files changed, 40 insertions, 39 deletions
diff --git a/security/rkhunter/Makefile b/security/rkhunter/Makefile index f5ed7d474a72..f5c2ef749bdd 100644 --- a/security/rkhunter/Makefile +++ b/security/rkhunter/Makefile @@ -1,6 +1,6 @@ PORTNAME= rkhunter PORTVERSION= 1.4.6 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= SF diff --git a/security/rkhunter/files/415.rkhunter.in b/security/rkhunter/files/415.rkhunter.in index b35e70f724b1..4e33dc5ab443 100644 --- a/security/rkhunter/files/415.rkhunter.in +++ b/security/rkhunter/files/415.rkhunter.in @@ -2,10 +2,12 @@ # This is a maintenance shell script for the rkhunter security tool. # You can enable this script in /etc/periodic.conf file by putting these lines into it: -# daily_rkhunter_update_enable="YES" -# daily_rkhunter_update_flags="--update --nocolors" -# daily_rkhunter_check_enable="YES" -# daily_rkhunter_check_flags="--checkall --nocolors --skip-keypress" +# security_rkhunter_update_enable="YES" +# security_rkhunter_update_period="daily" +# security_rkhunter_update_flags="--update --nocolors" +# security_rkhunter_check_enable="YES" +# security_rkhunter_check_period="daily" +# security_rkhunter_check_flags="--checkall --nocolors --skip-keypress" # # Written by: Gabor Kovesdan <gabor@FreeBSD.org> @@ -14,40 +16,37 @@ if [ -r /etc/defaults/periodic.conf ]; then source_periodic_confs fi -SLEEP=/bin/sleep -JOT=/usr/bin/jot - -random() { - ${JOT} -r 1 0 900 -} - -: ${daily_rkhunter_update_flags="--update --nocolors"} -: ${daily_rkhunter_check_flags="--checkall --nocolors --skip-keypress"} +# compatibility with pre-stable/12 style variables +for type in update check +do + for mode in enable flags + do + eval old=\"\$daily_rkhunter_${type}_${mode}\" + if test -n "$old" + then + echo "Warning: Variable \$daily_rkhunter_${type}_${mode} is deprecated, use \$security_rkhunter_${type}_${mode} instead." >&2 + eval : \${security_rkhunter_${type}_${mode}:="\$daily_rkhunter_${type}_${mode}"} + fi + done +done -case "$daily_rkhunter_update_enable" in - [Yy][Ee][Ss]) +# defaults +: ${security_rkhunter_update_period:="daily"} +: ${security_rkhunter_check_period:="daily"} +: ${security_rkhunter_update_flags:="--update --nocolors"} +: ${security_rkhunter_check_flags:="--checkall --nocolors --skip-keypress"} +if check_yesno_period security_rkhunter_update_enable +then echo "" echo "Updating the rkhunter database..." - # When non-interactive, sleep to reduce congestion on rkhunter site - if [ "$1" != -nodelay ]; then - # In FreeBSD 12.0 the anticongestion function should be used - # instead of a hard-coded sleep - if [ -n "$anticongestion_sleeptime" ]; then - anticongestion - else - ${SLEEP} $(random) - fi - fi - %%PREFIX%%/bin/rkhunter ${daily_rkhunter_update_flags} - ;; -esac - -case "$daily_rkhunter_check_enable" in - [Yy][Ee][Ss]) + anticongestion + %%PREFIX%%/bin/rkhunter ${security_rkhunter_update_flags} +fi +if check_yesno_period security_rkhunter_check_enable +then echo "" echo "Running rkhunter..." - %%PREFIX%%/bin/rkhunter ${daily_rkhunter_check_flags} - ;; -esac + %%PREFIX%%/bin/rkhunter ${security_rkhunter_check_flags} +fi diff --git a/security/rkhunter/pkg-message b/security/rkhunter/pkg-message index ee7fe15bd879..3a4a2f1bb6ad 100644 --- a/security/rkhunter/pkg-message +++ b/security/rkhunter/pkg-message @@ -4,14 +4,16 @@ You should keep your rkhunter database up-to-date. This can be done automatically by putting this line to periodic.conf(5) files: -daily_rkhunter_update_enable="YES" -daily_rkhunter_update_flags="--update --nocolors" +security_rkhunter_update_enable="YES" +security_rkhunter_update_period="daily" +security_rkhunter_update_flags="--update --nocolors" Also, you can run rkhunter as a part of the daily security check by putting this line to periodic.conf(5) files: -daily_rkhunter_check_enable="YES" -daily_rkhunter_check_flags="--checkall --nocolors --skip-keypress" +security_rkhunter_check_enable="YES" +security_rkhunter_check_period="daily" +security_rkhunter_check_flags="--checkall --nocolors --skip-keypress" EOM } ] |