From c3aac31ef7845a1663a33d9a02c77f95bdf90075 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Thu, 2 Feb 2017 17:28:33 +0100 Subject: [PATCH] Refreshing patches against latest upstream --- debian/patches/0001-10_maldetect-paths.patch | 66 +++++-------------- ...2_maldetect-cron.daily-documentroots.patch | 4 +- ...0003-13_maldetect-cron.daily-default.patch | 2 +- .../0005-15_maldetect-no-autoupdate.patch | 34 +++++----- 4 files changed, 37 insertions(+), 69 deletions(-) diff --git a/debian/patches/0001-10_maldetect-paths.patch b/debian/patches/0001-10_maldetect-paths.patch index 677a1d9..61cc658 100644 --- a/debian/patches/0001-10_maldetect-paths.patch +++ b/debian/patches/0001-10_maldetect-paths.patch @@ -16,14 +16,14 @@ install.sh | 10 +++++----- 16 files changed, 68 insertions(+), 68 deletions(-) ---- a/.ca.def -+++ b/.ca.def +--- a/files/internals/importconf ++++ b/files/internals/importconf @@ -1,4 +1,4 @@ -cat > /usr/local/maldetect/conf.maldet < /etc/maldetect/maldetect.conf <> /dev/null 2>&1 -+*/10 * * * * root /usr/bin/maldet --mkpubpaths >> /dev/null 2>&1 +-*/5 * * * * root /usr/local/maldetect/maldet --mkpubpaths >> /dev/null 2>&1 ++*/5 * * * * root /usr/bin/maldet --mkpubpaths >> /dev/null 2>&1 --- a/cron.daily +++ b/cron.daily @@ -1,8 +1,7 @@ @@ -196,18 +196,19 @@ # this ends up being a relative value per-user in user mode. --- a/files/hookscan.sh +++ b/files/hookscan.sh -@@ -1,7 +1,6 @@ +@@ -1,8 +1,7 @@ #!/usr/bin/env bash file="$1" + -inspath='/usr/local/maldetect' -intcnf="$inspath/internals/internals.conf" +intcnf="/etc/maldetect/internals.conf" - if [ -f "$intcnf" ]; then source $intcnf + fi --- a/files/internals/functions +++ b/files/internals/functions -@@ -344,7 +344,7 @@ +@@ -369,7 +369,7 @@ If FILE is specified, paths will be extracted from file, line spaced If PATHS are specified, must be comma spaced list, NO WILDCARDS! e.g: maldet --monitor users @@ -256,7 +257,7 @@ +clamscan_log="$logdir/maldetect_clamscan.log" datestamp=`date +"%y%m%d-%H%M"` utime=`date +"%s"` - + user=`whoami` @@ -61,7 +61,7 @@ sessdir="$varlibpath/sess" sigdir="$varlibpath/sigs" @@ -266,8 +267,8 @@ userbasedir="$varlibpath/pub" hits_history="$sessdir/hits.hist" quar_history="$sessdir/quarantine.hist" -@@ -89,12 +89,12 @@ - lmd_version_url="http://www.rfxn.com/downloads/maldet.current.ver" +@@ -95,18 +95,18 @@ + lmd_current_tgzfile="maldetect-1.6.tar.gz" clamav_paths="/usr/local/cpanel/3rdparty/share/clamav/ /var/lib/clamav/ /var/clamav/ /usr/share/clamav/ /usr/local/share/clamav" -tlog="$libpath/tlog" @@ -282,17 +283,14 @@ hex_fifo_script="$libpath/hexfifo.pl" hex_string_script="$libpath/hexstring.pl" scan_user_access_minuid=40 -@@ -102,8 +102,8 @@ + find_opts="-regextype posix-egrep" email_template="$libpath/scan.etpl" email_subj="maldet alert from $(hostname)" - -cron_custom_exec="$confpath/cron/custom.cron" -cron_custom_conf="$confpath/cron/conf.maldet.cron" +cron_custom_exec="$confpath/custom.cron.sh" +cron_custom_conf="$confpath/maldetect.conf.cron" - - ## backwards compatibility for pre-1.5 deprecated config options - if [ ! "$quarantine_hits" ] && [ "$quar_hits" ]; then + compatcnf="$libpath/compat.conf" --- a/files/internals/scan.etpl +++ b/files/internals/scan.etpl @@ -28,7 +28,7 @@ @@ -320,7 +318,7 @@ @@ -9,8 +9,7 @@ # PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin - ver=1.5 + ver=1.6 -inspath='/usr/local/maldetect' -intcnf="$inspath/internals/internals.conf" +intcnf="/etc/maldetect/internals.conf" @@ -362,36 +360,6 @@ #MONITOR_MODE="users" -#MONITOR_MODE="/usr/local/maldetect/monitor_paths" +#MONITOR_MODE="/etc/maldetect/monitor_paths" ---- a/install.sh -+++ b/install.sh -@@ -129,14 +129,14 @@ - echo "This program may be freely redistributed under the terms of the GNU GPL" - echo "" - echo "installation completed to $inspath" --echo "config file: $inspath/conf.maldet" -+echo "config file: $inspath/maldetect.conf" - echo "exec file: $inspath/maldet" - echo "exec link: /usr/local/sbin/maldet" - echo "exec link: /usr/local/sbin/lmd" - echo "cron.daily: /etc/cron.daily/maldet" --if [ -f "$cnftemp" ] && [ -f "$inspath.bk$$/conf.maldet" ]; then -- . files/conf.maldet -- . $inspath.bk$$/conf.maldet -+if [ -f "$cnftemp" ] && [ -f "$inspath.bk$$/maldetect.conf" ]; then -+ . files/maldetect.conf -+ . $inspath.bk$$/maldetect.conf - if [ "$quarantine_hits" == "0" ] && [ "$quar_hits" == "1" ]; then - quarantine_hits=1 - fi -@@ -144,7 +144,7 @@ - quarantine_clean="1" - fi - . $cnftemp -- echo "imported config options from $inspath.last/conf.maldet" -+ echo "imported config options from $inspath.last/maldetect.conf" - fi - $inspath/maldet --update 1 - if [ "$monmode" == "1" ]; then --- a/files/cron/conf.maldet.cron +++ b/files/cron/conf.maldet.cron @@ -1,4 +1,5 @@ diff --git a/debian/patches/0002-12_maldetect-cron.daily-documentroots.patch b/debian/patches/0002-12_maldetect-cron.daily-documentroots.patch index eef3499..9f45be6 100644 --- a/debian/patches/0002-12_maldetect-cron.daily-documentroots.patch +++ b/debian/patches/0002-12_maldetect-cron.daily-documentroots.patch @@ -8,7 +8,7 @@ Subject: 12_maldetect-cron.daily-documentroots --- a/cron.daily +++ b/cron.daily -@@ -31,6 +31,10 @@ +@@ -33,6 +33,10 @@ scan_days=1 fi @@ -19,7 +19,7 @@ Subject: 12_maldetect-cron.daily-documentroots if [ "$find" ]; then # prune any quarantine/session/tmp data older than 7 days tmpdirs="$tmpdir $varlibpath/sess $varlibpath/quarantine $varlibpath/pub" -@@ -92,7 +96,7 @@ +@@ -94,7 +98,7 @@ $inspath/maldet -b -r ${conf_hosting_path:-/var/www/sites}/?/?/subdomains/?/html/ $scan_days >> /dev/null 2>&1 else # cpanel, interworx and other standard home/user/public_html setups diff --git a/debian/patches/0003-13_maldetect-cron.daily-default.patch b/debian/patches/0003-13_maldetect-cron.daily-default.patch index 2401c47..751c946 100644 --- a/debian/patches/0003-13_maldetect-cron.daily-default.patch +++ b/debian/patches/0003-13_maldetect-cron.daily-default.patch @@ -8,7 +8,7 @@ Subject: 13_maldetect-cron.daily-default --- a/cron.daily +++ b/cron.daily -@@ -19,8 +19,8 @@ +@@ -21,8 +21,8 @@ if [ -f "/etc/sysconfig/maldet" ]; then . /etc/sysconfig/maldet diff --git a/debian/patches/0005-15_maldetect-no-autoupdate.patch b/debian/patches/0005-15_maldetect-no-autoupdate.patch index b653340..dbc588e 100644 --- a/debian/patches/0005-15_maldetect-no-autoupdate.patch +++ b/debian/patches/0005-15_maldetect-no-autoupdate.patch @@ -8,7 +8,7 @@ Subject: 15_maldetect-no-autoupdate --- a/files/maldet +++ b/files/maldet -@@ -235,10 +235,6 @@ +@@ -239,10 +239,6 @@ header purge ;; @@ -21,7 +21,7 @@ Subject: 15_maldetect-no-autoupdate if [ ! "$1" == "1" ]; then --- a/files/internals/functions +++ b/files/internals/functions -@@ -296,7 +296,7 @@ +@@ -321,7 +321,7 @@ [-f|--file-list PATH] [-i|--include-regex] [-x|--exclude-regex] [-b|--background] [-m|--monitor] [-k|--kill-monitor] [-c|--checkout] [-q|--quarantine] [-s|--restore] [-n|--clean] [-l|--log] [-e|--report] @@ -30,7 +30,7 @@ Subject: 15_maldetect-no-autoupdate EOF } -@@ -311,9 +311,6 @@ +@@ -336,9 +336,6 @@ -u, --update-sigs Update malware detection signatures from rfxn.com @@ -40,7 +40,7 @@ Subject: 15_maldetect-no-autoupdate -f, --file-list Scan files or paths defined in line spaced file e.g: maldet -f /root/scan_file_list -@@ -1696,95 +1693,6 @@ +@@ -1752,95 +1749,6 @@ fi } @@ -63,7 +63,7 @@ Subject: 15_maldetect-no-autoupdate - if [ "$upstreamver" -gt "$installedver" ]; then - eout "{update} new version $upstreamver_readable found, updating..." 1 - doupdate=1 -- elif [ "$autoupdate_version_hashed" == "1" ]; then +- elif [ "$autoupdate_version_hashed" == "1" ]; then - eout "{update} hashing install files and checking against server..." 1 - $md5sum $inspath/maldet $intfunc | awk '{print$1}' | tr '\n' ' ' | tr -d ' ' > $lmd_hash_file - upstreamhash="$tmpwd/.lmdup_hashcheck$$" @@ -94,37 +94,37 @@ Subject: 15_maldetect-no-autoupdate - fi - if [ "$doupdate" ]; then - cd $tmpwd/ -- $wget --referer="$lmd_referer" -q -T$wget_timeout -t$wget_retries "http://cdn.rfxn.com/downloads/maldetect-current.tar.gz" -O "$tmpwd/maldetect-current.tar.gz" -- $wget --referer="$lmd_referer" -q -T$wget_timeout -t$wget_retries "http://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5" -O "$tmpwd/maldetect-current.tar.gz.md5" -- if [ -s "$tmpwd/maldetect-current.tar.gz.md5" ] && [ -s "$tmpwd/maldetect-current.tar.gz" ]; then -- upstream_md5=`cat $tmpwd/maldetect-current.tar.gz.md5 | awk '{print$1}'` -- local_md5=`$md5sum $tmpwd/maldetect-current.tar.gz | awk '{print$1}'` +- $wget --referer="$lmd_referer" -q -T$wget_timeout -t$wget_retries "${lmd_current_tgzbase_url}/${lmd_current_tgzfile}" -O "$tmpwd/${lmd_current_tgzfile}" +- $wget --referer="$lmd_referer" -q -T$wget_timeout -t$wget_retries "${lmd_current_tgzbase_url}/${lmd_current_tgzfile}.md5" -O "$tmpwd/${lmd_current_tgzfile}.md5" +- if [ -s "$tmpwd/${lmd_current_tgzfile}.md5" ] && [ -s "$tmpwd/${lmd_current_tgzfile}" ]; then +- upstream_md5=`cat $tmpwd/${lmd_current_tgzfile}.md5 | awk '{print$1}'` +- local_md5=`$md5sum $tmpwd/${lmd_current_tgzfile} | awk '{print$1}'` - if [ ! "$upstream_md5" == "$local_md5" ]; then -- eout "{update} unable to verify md5sum of maldetect-current.tar.gz, update failed!" 1 +- eout "{update} unable to verify md5sum of ${lmd_current_tgzfile}, update failed!" 1 - cd $inspath ; rm -rf $tmpwd - clean_exit - exit 1 - else -- eout "{update} verified md5sum of maldetect-current.tar.gz" 1 +- eout "{update} verified md5sum of ${lmd_current_tgzfile}" 1 - fi - else -- eout "{update} could not download maldetect-current.tar.gz or .md5, please try again later." 1 +- eout "{update} could not download ${lmd_current_tgzfile} or .md5, please try again later." 1 - cd $inspath ; rm -rf $tmpwd - clean_exit - exit 1 - fi -- if [ -s "$tmpwd/maldetect-current.tar.gz" ]; then -- tar xfz maldetect-current.tar.gz +- if [ -s "$tmpwd/${lmd_current_tgzfile}" ]; then +- tar xfz ${lmd_current_tgzfile} - cd maldetect-* - chmod 750 install.sh - sh -c './install.sh' >> /dev/null 2>&1 - cp -f $inspath.last/sigs/custom.* $sigdir/ 2> /dev/null - cp -f $inspath.last/clean/custom.* $inspath/clean/ 2> /dev/null -- eout "{update} completed update v$ver => v$upstreamver_readable, running signature updates..." 1 +- eout "{update} completed update v$ver ${installed_hash:0:6} => v$upstreamver_readable ${upstream_md5:0:6}, running signature updates..." 1 - $inspath/maldet --update 1 - eout "{update} update and config import completed" 1 - else -- eout "{update} could not download maldetect-current.tar.gz, please try again later." 1 +- eout "{update} could not download ${lmd_current_tgzfile}, please try again later." 1 - cd $inspath ; rm -rf $tmpwd - clean_exit - exit 1