From 912130ef4c9b658291a1af96ed26d0f2ecab6260 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 10 Oct 2023 10:32:58 +0000 Subject: [PATCH] Refresh d/p/0001-10_maldetect-paths.patch --- debian/patches/0001-10_maldetect-paths.patch | 189 ++++++++++++------- 1 file changed, 119 insertions(+), 70 deletions(-) diff --git a/debian/patches/0001-10_maldetect-paths.patch b/debian/patches/0001-10_maldetect-paths.patch index 2b6bd1f..499ab42 100644 --- a/debian/patches/0001-10_maldetect-paths.patch +++ b/debian/patches/0001-10_maldetect-paths.patch @@ -23,9 +23,9 @@ +cat > /etc/maldetect/maldetect.conf < /dev/null` -inotify_log="$inspath/logs/inotify_log" -+inotify_log="$varlibpath/inotify/inotify_log" ++inotify_log="$varlibpath/logs/inotify_log" inotify_user_instances=128 - inotify_trim=150000 + inotify_trim=131072 -hex_fifo_path="$varlibpath/internals/hexfifo" +hex_fifo_path="$varlibpath/hexfifo" hex_fifo_script="$libpath/hexfifo.pl" hex_string_script="$libpath/hexstring.pl" - scan_user_access_minuid=30 - find_opts="-regextype posix-egrep" + scan_user_access_minuid=100 +@@ -126,8 +126,8 @@ email_template="$libpath/scan.etpl" + email_panel_alert_etpl="$libpath/panel_alert.etpl" email_subj="maldet alert from $(hostname)" -cron_custom_exec="$confpath/cron/custom.cron" -cron_custom_conf="$confpath/cron/conf.maldet.cron" @@ -307,7 +336,7 @@ if [ "$OSTYPE" == "FreeBSD" ]; then --- a/files/internals/scan.etpl +++ b/files/internals/scan.etpl -@@ -28,7 +28,7 @@ +@@ -33,7 +33,7 @@ if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then echo "WARNING: Automatic quarantine is currently disabled, detected threats are still accessible to users!" >> $tmpf echo "To enable, set quarantine_hits=1 and/or to quarantine hits from this scan run:" >> $tmpf @@ -332,7 +361,7 @@ 
@@ -9,12 +9,11 @@ # PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin - ver=1.6.2 + ver=1.6.5 -inspath='/usr/local/maldetect' -intcnf="$inspath/internals/internals.conf" +intcnf="/etc/maldetect/internals.conf" @@ -347,13 +376,15 @@ header() { --- a/files/service/maldet.service +++ b/files/service/maldet.service -@@ -3,9 +3,9 @@ +@@ -3,10 +3,10 @@ After=network.target [Service] --ExecStart=/usr/local/maldetect/maldet --monitor /usr/local/maldetect/monitor_paths +-EnvironmentFile=/usr/local/maldetect/conf.maldet +-ExecStart=/usr/local/maldetect/maldet --monitor $default_monitor_mode -ExecStop=/usr/local/maldetect/maldet --kill-monitor -+ExecStart=/usr/bin/maldet --monitor /etc/maldetect/monitor_paths ++EnvironmentFile=/etc/maldetect/maldetect.conf ++ExecStart=/usr/bin/maldet --monitor $default_monitor_mode +ExecStop=/usr/bin/maldet --kill-monitor Type=forking -PIDFile=/usr/local/maldetect/tmp/inotifywait.pid @@ -409,3 +440,21 @@ +# Any /etc/maldetect/maldetect.conf or /etc/maldetect/internals.conf variable +# can be redefined. ## +--- a/files/ignore_paths ++++ b/files/ignore_paths +@@ -1,2 +1,2 @@ +-/usr/local/maldetect +-/usr/local/sbin/maldet ++/etc/maldetect ++/usr/bin/maldet +--- a/files/internals/panel_alert.etpl ++++ b/files/internals/panel_alert.etpl +@@ -23,7 +23,7 @@ + if [ "$quarantine_hits" == "0" ] && [ ! "$tot_hits" == "0" ]; then + echo "WARNING: Automatic quarantine is currently disabled, detected threats are still accessible to users!" >> $tmpf + echo "To enable, set quarantine_hits=1 and/or to quarantine hits from this scan run:" >> $tmpf +- echo -e "/usr/local/sbin/maldet -q $datestamp.$$\n" >> $tmpf ++ echo -e "/usr/bin/maldetect -q $datestamp.$$\n" >> $tmpf + elif [ "$quarantine_hits" == "1" ]; then + echo "NOTICE: Automatic quarantine is enabled, and all detected threats have been quarantined." >> $tmpf + echo "All quarantined files have been moved to $quardir, and their metadata have been preserved." >> $tmpf
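Review bot: In the maldet.service section, the new `EnvironmentFile=/etc/maldetect/maldetect.conf` has systemd parse a file that maldet itself reads as shell, and `ExecStart` now depends on `$default_monitor_mode` being defined there. systemd does no shell expansion on EnvironmentFile values, and an unset variable used as its own word in ExecStart expands to nothing, so if the packaged config leaves `default_monitor_mode` commented out the unit would run `maldet --monitor` with no target. The config's contents are not visible in this hunk, so please confirm that it ships an uncommented default. A comment above that setting would help, for example `# read by maldet.service via EnvironmentFile; keep as a plain KEY="value" line`.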
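Review bot: The refreshed panel_alert.etpl line tells the mail recipient to run `/usr/bin/maldetect -q $datestamp.$$`, but the ignore_paths and maldet.service sections of this same patch use `/usr/bin/maldet`, so the quarantine command in the alert will most likely point at a binary that does not exist. The line should read `echo -e "/usr/bin/maldet -q $datestamp.$$\n" >> $tmpf`. The scan.etpl section carries the same message, but its changed line is not visible in these hunks, so it is worth checking too. Separately, the new ignore_paths lists only `/etc/maldetect` and `/usr/bin/maldet`, whereas the old `/usr/local/maldetect` entry covered the whole install prefix (logs and tmp at least, going by the paths in this patch). If signatures, quarantine and temp data now live under `$varlibpath`, consider adding that directory so the scanner does not flag its own signature and quarantined files.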