Skip to content

Commit

Permalink
Refreshing patches against upstream
Browse files Browse the repository at this point in the history
  • Loading branch information
waja committed Dec 13, 2016
1 parent 884ad86 commit 2f30f90
Show file tree
Hide file tree
Showing 5 changed files with 92 additions and 118 deletions.
179 changes: 76 additions & 103 deletions debian/patches/0001-10_maldetect-paths.patch
Original file line number Diff line number Diff line change
Expand Up @@ -155,77 +155,41 @@
+*/10 * * * * root /usr/bin/maldet --mkpubpaths >> /dev/null 2>&1
--- a/cron.daily
+++ b/cron.daily
@@ -1,14 +1,14 @@
#!/bin/bash
@@ -1,15 +1,16 @@
#!/usr/bin/env bash
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH
export LMDCRON=1
-. /usr/local/maldetect/conf.maldet
-if [ -f "/usr/local/maldetect/conf.maldet.cron" ]; then
- . /usr/local/maldetect/conf.maldet.cron
+. /etc/maldetect/maldetect.conf
+if [ -f "/etc/maldetect/maldetect.conf.cron" ]; then
+ . /etc/maldetect/maldetect.conf.cron
-install_path=/usr/local/maldetect
+install_path=/usr/bin
+var_path=/var/lib/maldetect

-cron_custom_exec=$inspath/cron/custom.cron
-cron_custom_conf=$inspath/cron/conf.maldet.cron
+cron_custom_exec=/etc/maldetect/custom.cron.sh
+cron_custom_conf=/etc/maldetect/maldetect.conf.cron

-if [ -f "$install_path/conf.maldet" ]; then
- . $install_path/conf.maldet
+if [ -f "/etc/maldetect/maldetect.conf" ]; then
+ . /etc/maldetect/maldetect.conf
else
- echo "could not find $install_path/conf.maldet, fatal error, bye."
+ echo "could not find /etc/maldetect/maldetect.conf, fatal error, bye."
exit 1
fi

@@ -24,7 +25,7 @@
find=`which find 2> /dev/null`
if [ "$find" ]; then
# prune any quarantine/session/tmp data older than 7 days
- tmpdirs="/usr/local/maldetect/tmp /usr/local/maldetect/sess /usr/local/maldetect/quarantine /usr/local/maldetect/pub"
+ tmpdirs="/tmp/maldetect /var/lib/maldetect/sess /var/lib/maldetect/quarantine /var/lib/maldetect/pub/"
- tmpdirs="$install_path/tmp $install_path/sess $install_path/quarantine $install_path/pub"
+ tmpdirs="/tmp/maldetect $var_path/sess $var_path/quarantine $var_path/pub"
for dir in $tmpdirs; do
if [ -d "$dir" ]; then
$find $dir -type f -mtime +7 -print0 | xargs -0 rm -f >> /dev/null 2>&1
@@ -23,38 +23,38 @@

if [ "$autoupdate_version" == "1" ]; then
# check for new release version
- /usr/local/maldetect/maldet -d >> /dev/null 2>&1
+ /usr/bin/maldet -d >> /dev/null 2>&1
fi

if [ "$autoupdate_signatures" == "1" ]; then
# check for new definition set
- /usr/local/maldetect/maldet -u >> /dev/null 2>&1
+ /usr/bin/maldet -u >> /dev/null 2>&1
fi

# if we're running inotify monitoring, send daily hit summary
if [ "$(ps -A --user root -o "cmd" | grep maldetect | grep inotifywait)" ]; then
- /usr/local/maldetect/maldet --monitor-report >> /dev/null 2>&1
+ /usr/bin/maldet --monitor-report >> /dev/null 2>&1
else
if [ -d "/home/virtual" ] && [ -d "/usr/lib/opcenter" ]; then
# ensim
- /usr/local/maldetect/maldet -b -r /home/virtual/?/fst/var/www/html/,/home/virtual/?/fst/home/?/public_html/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /home/virtual/?/fst/var/www/html/,/home/virtual/?/fst/home/?/public_html/ 1 >> /dev/null 2>&1
elif [ -d "/etc/psa" ] && [ -d "/var/lib/psa" ]; then
# psa
- /usr/local/maldetect/maldet -b -r /var/www/vhosts/?/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /var/www/vhosts/?/ 1 >> /dev/null 2>&1
elif [ -d "/usr/local/directadmin" ]; then
# DirectAdmin
- /usr/local/maldetect/maldet -b -r /home?/?/domains/?/public_html/,/var/www/html/?/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /home?/?/domains/?/public_html/,/var/www/html/?/ 1 >> /dev/null 2>&1
elif [ -d "/var/www/clients" ]; then
# ISPConfig
- /usr/local/maldetect/maldet -b -r /var/www/clients/?/web?/web 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /var/www/clients/?/web?/web 1 >> /dev/null 2>&1
elif [ -d "/etc/webmin/virtual-server" ]; then
# Virtualmin
- /usr/local/maldetect/maldet -b -r /home/?/public_html/,/home/?/domains/?/public_html/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /home/?/public_html/,/home/?/domains/?/public_html/ 1 >> /dev/null 2>&1
elif [ -d "/usr/local/ispmgr" ]; then
# ISPmanager
- /usr/local/maldetect/maldet -b -r /var/www/?/data/,/home/?/data/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /var/www/?/data/,/home/?/data/ 1 >> /dev/null 2>&1
else
# cpanel, interworx and other standard home/user/public_html setups
- /usr/local/maldetect/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ 1 >> /dev/null 2>&1
fi
fi
--- a/files/conf.maldet
+++ b/files/conf.maldet
@@ -51,7 +51,7 @@
@@ -49,7 +49,7 @@
autoupdate_version_hashed="1"

# When defined, the import_config_url option allows a configuration file to be
Expand All @@ -234,7 +198,7 @@
# parsed followed by the imported configuration file. As such, only variables
# defined in the imported configuration file are overridden and a full set of
# configuration options is not explicitly required in the imported file.
@@ -170,7 +170,7 @@
@@ -168,7 +168,7 @@
# user files. This 'find' operation can be especially resource intensive and it may
# be desirable to persist the file list results so that other applications/tasks
# may make use of the results. When scan_export_filelist is set enabled, the most
Expand All @@ -243,9 +207,9 @@
# [ 0 = disabled, 1 = enabled ]
scan_export_filelist="0"

@@ -204,7 +204,7 @@
@@ -202,7 +202,7 @@
# init based startup script. This value is ignored when '/etc/sysconfig/maldet'
# is present with a defined value for $MONITOR_MODE.
# or '/etc/default/maldet' is present with a defined value for $MONITOR_MODE.
# default_monitor_mode="users"
-# default_monitor_mode="/usr/local/maldetect/monitor_paths"
+# default_monitor_mode="/etc/maldetect/monitor_paths"
Expand All @@ -262,7 +226,7 @@
+cd /tmp ; /usr/bin/maldet --config-option quar_hits=1,quar_clean=0,tmpdir=/var/tmp,scan_tmpdir_paths='',scan_clamscan=$clamd_scan --hook-scan -a "$file"
--- a/files/internals/functions
+++ b/files/internals/functions
@@ -17,7 +17,7 @@
@@ -16,7 +16,7 @@
exit
fi
header
Expand All @@ -271,7 +235,7 @@
exit 1
fi
pub=1
@@ -191,7 +191,7 @@
@@ -190,7 +190,7 @@
eout "{glob} scan interrupt by user, aborting scan..." 1
eout "{scan} scan report saved, to view run: maldet --report $datestamp.$$" 1
if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then
Expand All @@ -280,7 +244,7 @@
fi
exit
fi
@@ -346,7 +346,7 @@
@@ -345,7 +345,7 @@
If FILE is specified, paths will be extracted from file, line spaced
If PATHS are specified, must be comma spaced list, NO WILDCARDS!
e.g: maldet --monitor users
Expand All @@ -289,7 +253,7 @@
e.g: maldet --monitor /home/mike,/home/ashton

-k, --kill-monitor
@@ -369,7 +369,7 @@
@@ -368,7 +368,7 @@
-s, --restore FILE|SCANID
Restore file from quarantine queue to orginal path or restore all items from
a specific SCANID
Expand All @@ -298,7 +262,7 @@
e.g: maldet --restore 050910-1534.21135

-q, --quarantine SCANID
@@ -387,7 +387,7 @@
@@ -386,7 +386,7 @@
e.g: maldet --user nobody --restore 050910-1534.21135

-co, --config-option VAR1=VALUE,VAR2=VALUE,VAR3=VALUE
Expand All @@ -307,7 +271,7 @@
e.g: maldet --config-option email_addr=you@domain.com,quarantine_hits=1

-p, --purge
@@ -1035,7 +1035,7 @@
@@ -1037,7 +1037,7 @@
eout "{scan} scan completed on $spath: files $tot_files, malware hits $tot_hits, cleaned hits $tot_cl, time ${scan_et}s" 1
eout "{scan} scan report saved, to view run: maldet --report $datestamp.$$" 1
if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then
Expand All @@ -329,20 +293,21 @@
if (-p $named_pipe_name) {
--- a/files/internals/internals.conf
+++ b/files/internals/internals.conf
@@ -8,9 +8,9 @@
@@ -6,9 +6,10 @@
##
#

-logdir="$inspath/logs"
-maldet_log="$logdir/event_log"
-clamscan_log="$logdir/clamscan_log"
+logdir="/var/log"
+conf_path="/etc/maldetect"
+maldet_log="$logdir/maldetect_event.log"
+clamscan_log="$logdir/maldetect_clamscan.log"
datestamp=`date +"%y%m%d-%H%M"`
utime=`date +"%s"`

wget_timeout="5"
@@ -44,15 +44,15 @@
@@ -43,16 +44,16 @@
logger=`which logger 2> /dev/null`

suppress_cleanhit="$email_ignore_clean"
Expand All @@ -355,19 +320,21 @@
-sigdir="$inspath/sigs"
-cldir="$inspath/clean"
-tmpdir="$inspath/tmp"
+ignore_paths="/etc/maldetect/ignore_paths"
+ignore_sigs="/etc/maldetect/ignore_sigs"
+ignore_inotify="/etc/maldetect/ignore_inotify"
+ignore_file_ext="/etc/maldetect/ignore_file_ext"
+quardir="/var/lib/maldetect/quarantine"
+sessdir="/var/lib/maldetect/sess"
+sigdir="/var/lib/maldetect/sigs"
+cldir="/var/lib/maldetect/clean"
-userbasedir="$inspath/pub"
+ignore_paths="$conf_path/ignore_paths"
+ignore_sigs="$conf_path/ignore_sigs"
+ignore_inotify="$conf_path/ignore_inotify"
+ignore_file_ext="$conf_path/ignore_file_ext"
+quardir="$var_path/quarantine"
+sessdir="$var_path/sess"
+sigdir="$var_path/sigs"
+cldir="$var_path/clean"
+tmpdir="/tmp/maldetect"
+userbasedir="$var_path/pub"
hits_history="$sessdir/hits.hist"
quar_history="$sessdir/quarantine.hist"

sig_version_file="$sigdir/maldet.sigs.ver"
if [ -f "$sig_version_file" ]; then
@@ -77,17 +77,17 @@
@@ -79,17 +80,17 @@
lmd_version_url="http://www.rfxn.com/downloads/maldet.current.ver"

clamav_paths="/usr/local/cpanel/3rdparty/share/clamav/ /var/lib/clamav/ /var/clamav/ /usr/share/clamav/ /usr/local/share/clamav"
Expand All @@ -393,7 +360,7 @@
## backwards compatibility for pre-1.5 deprecated config options
--- a/files/internals/scan.etpl
+++ b/files/internals/scan.etpl
@@ -29,7 +29,7 @@
@@ -28,7 +28,7 @@
if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then
echo "WARNING: Automatic quarantine is currently disabled, detected threats are still accessible to users!" >> $tmpf
echo "To enable, set quarantine_hits=1 and/or to quarantine hits from this scan run:" >> $tmpf
Expand Down Expand Up @@ -456,25 +423,25 @@
WantedBy=multi-user.target
--- a/files/service/maldet.sh
+++ b/files/service/maldet.sh
@@ -10,8 +10,8 @@
. /etc/init.d/functions
if [ -f "/etc/sysconfig/maldet" ]; then
@@ -27,7 +27,7 @@
. /etc/sysconfig/maldet
elif [ -f "/etc/default/maldet" ]; then
. /etc/default/maldet
-elif [ "$(egrep ^default_monitor_mode /usr/local/maldetect/conf.maldet 2> /dev/null)" ]; then
- . /usr/local/maldetect/conf.maldet
+elif [ "$(egrep ^default_monitor_mode /etc/maldetect/maldetect.conf 2> /dev/null)" ]; then
+ . /etc/maldetect/maldetect.conf
. /usr/local/maldetect/conf.maldet
if [ "$default_monitor_mode" ]; then
MONITOR_MODE="$default_monitor_mode"
fi
@@ -21,13 +21,13 @@
LOCKFILE=/var/lock/subsys/$prog
@@ -43,7 +43,7 @@

if [ -z "$MONITOR_MODE" ]; then
- echo "error no default monitor mode defined, set \$MONITOR_MODE in /etc/sysconfig/maldet or \$default_monitor_mode in /usr/local/maldetect/conf.maldet"
+ echo "error no default monitor mode defined, set \$MONITOR_MODE in /etc/sysconfig/maldet or \$default_monitor_mode in /etc/maldetect/maldetect.conf"
exit 1
fi
if [ -f /etc/redhat-release ]; then
- echo "error no default monitor mode defined, set \$MONITOR_MODE in /etc/sysconfig/maldet, or \$default_monitor_mode in /usr/local/maldetect/conf.maldet"
+ echo "error no default monitor mode defined, set \$MONITOR_MODE in /etc/sysconfig/maldet, or \$default_monitor_mode in /etc/maldetect/maldetect.conf"
elif [ -f /etc/debian_version ]; then
echo "error no default monitor mode defined, set \$MONITOR_MODE in /etc/default/maldet, or \$default_monitor_mode in /usr/local/maldetect/conf.maldet"
else
@@ -54,7 +54,7 @@

start() {
echo -n "Starting $prog: "
Expand All @@ -483,15 +450,21 @@
RETVAL=$? [ $RETVAL -eq 0 ] && touch $LOCKFILE
echo
return $RETVAL
@@ -35,7 +35,7 @@

@@ -63,11 +63,11 @@
stop() {
echo -n "Shutting down $prog: "
- /usr/local/maldetect/maldet --kill-monitor && success || failure
+ /usr/bin/maldet --kill-monitor && success || failure
if [ -f /etc/redhat-release ]; then
- /usr/local/maldetect/maldet --kill-monitor && success || failure
+ /usr/bin/maldet --kill-monitor && success || failure
elif [ -f /etc/debian_version ]; then
- /usr/local/maldetect/maldet --kill-monitor && log_success_msg || log_failure_msg
+ /usr/bin/maldet --kill-monitor && log_success_msg || log_failure_msg
else
- /usr/local/maldetect/maldet --kill-monitor && success || failure
+ /usr/bin/maldet --kill-monitor && success || failure
fi
RETVAL=$? [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
echo
return $RETVAL
--- a/files/service/maldet.sysconfig
+++ b/files/service/maldet.sysconfig
@@ -9,4 +9,4 @@
Expand All @@ -502,7 +475,7 @@
+#MONITOR_MODE="/etc/maldetect/monitor_paths"
--- a/install.sh
+++ b/install.sh
@@ -122,14 +122,14 @@
@@ -128,14 +128,14 @@
echo "This program may be freely redistributed under the terms of the GNU GPL"
echo ""
echo "installation completed to $inspath"
Expand All @@ -521,7 +494,7 @@
if [ "$quarantine_hits" == "0" ] && [ "$quar_hits" == "1" ]; then
quarantine_hits=1
fi
@@ -137,7 +137,7 @@
@@ -143,7 +143,7 @@
quarantine_clean="1"
fi
. $cnftemp
Expand Down
15 changes: 8 additions & 7 deletions debian/patches/0002-12_maldetect-cron.daily-documentroots.patch
Original file line number Diff line number Diff line change
Expand Up @@ -8,22 +8,23 @@ Subject: 12_maldetect-cron.daily-documentroots

--- a/cron.daily
+++ b/cron.daily
@@ -6,6 +6,10 @@
. /etc/maldetect/maldetect.conf.cron
@@ -23,6 +23,10 @@
fi

find=`which find 2> /dev/null`
+if [ ! "${STDDOCROOT}" ]; then
+ STDDOCROOT="/var/www/,/srv/www/"
+fi
+
if [ "$find" ]; then
# prune any quarantine/session/tmp data older than 7 days
tmpdirs="/tmp/maldetect /var/lib/maldetect/sess /var/lib/maldetect/quarantine /var/lib/maldetect/pub/"
@@ -55,6 +59,6 @@
/usr/bin/maldet -b -r /var/www/?/data/,/home/?/data/ 1 >> /dev/null 2>&1
tmpdirs="/tmp/maldetect $var_path/sess $var_path/quarantine $var_path/pub"
@@ -78,7 +82,7 @@
$install_path/maldet -b -r /home/?/web/?/public_html/,/home/?/web/?/public_shtml/,/home/?/tmp/,/home/?/web/?/private/ $scan_days >> /dev/null 2>&1
else
# cpanel, interworx and other standard home/user/public_html setups
- /usr/bin/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ 1 >> /dev/null 2>&1
+ /usr/bin/maldet -b -r /home?/?/public_html/,/var/www/html/,${STDDOCROOT} 1 >> /dev/null 2>&1
- $install_path/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ $scan_days >> /dev/null 2>&1
+ $install_path/maldet -b -r /home?/?/public_html/,/var/www/html/,${STDDOCROOT} $scan_days >> /dev/null 2>&1
fi
fi

4 changes: 2 additions & 2 deletions debian/patches/0003-13_maldetect-cron.daily-default.patch
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,9 @@ Subject: 13_maldetect-cron.daily-default

--- a/cron.daily
+++ b/cron.daily
@@ -6,6 +6,10 @@
. /etc/maldetect/maldetect.conf.cron
@@ -23,6 +23,10 @@
fi

find=`which find 2> /dev/null`
+if [ -r "/etc/default/maldetect" ]; then
+ source /etc/default/maldetect
Expand Down
4 changes: 2 additions & 2 deletions debian/patches/0004-14_maldetect-manpage.patch
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
--- files/maldet.1 2016-05-29 17:28:55.167807923 +0200
+++ files/maldet.1 2015-10-06 17:05:27.000000000 +0200
--- a/files/maldet.1
+++ b/files/maldet.1
@@ -163,7 +163,7 @@
If FILE is specified, paths will be extracted from file, line spaced
If PATHS are specified, must be comma spaced list, NO WILDCARDS!
Expand Down
Loading

0 comments on commit 2f30f90

Please sign in to comment.