Hi Jörg,

On Tuesday 13 May 2008 at 14:31 +0200, Jörg Sommer wrote:
> Hi Julien,
> 
> Julien Valroff wrote on Sun 23. Mar, 13:10 (+0100):
> > On Monday 24 March 2008 at 01:04 +1300, Francois Marier wrote:
> > > 
> > > > The ideal would be to update only the hashes of the newly installed or
> > > > replaced files. I guess it should be possible to compare the list of new
> > > > files with PROP_FILE_LIST. This might both speed up and secure the
> > > > process. However, I am not sure if we can easily (and quickly) get a list
> > > > of files contained in the updated/installed packages.
> > > 
> > > Yes, that would be by far the best solution: avoiding the security
> > > issue and avoiding doing unnecessary work :)
> > 
> > I am already working on this, but can't find a good way to get the
> > updated files - I guess I will know apt.conf(5) by heart tonight ;)
> 
> This is easy. You can install a Pre-Install-Pkgs hook and apt tells you
> what it plans to do. This way you get the filename of each updated
> package and you can extract the new files with dpkg-deb --fsys-tarfile.
> Look at apt-listchanges or debconf for an example:
> 
> % grep Pre- /etc/apt/apt.conf.d/*
> 20listchanges:DPkg::Pre-Install-Pkgs { "/usr/bin/apt-listchanges --apt || test $? -ne 10"; };
> 70debconf:// Pre-configure all packages with debconf before they are installed.
> 70debconf:DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};
> 
> If you update only the new files this would also speed up the post apt-get
> run. #472114

In the meantime, I have worked on such scripts, using mainly
"/usr/bin/dpkg-deb --contents $DEB"

This is indeed quite easy, but the remaining issues are:
        * getting the list of files tracked by rkhunter (I would like to avoid searching in the whole rkhunter script) (pre-inst)
        * getting the files needed to be updated (post-inst) - I now use a temporary file for passing data from pre- to post-inst, I cannot figure out
        * updating and/or creating the entries for the files in rkhunter.dat

I have found it was more logical to have this implemented directly in
rkhunter, and have asked the upstream maintainer if this feature
could be implemented (see original report on SF:
http://sourceforge.net/tracker/index.php?func=detail&aid=1922881&group_id=155034&atid=794190 )

Cheers,
Julien
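
The approach discussed in this thread (read the .deb names APT passes to a Pre-Install-Pkgs hook, list each package's files, keep only those rkhunter tracks, hand the result to the post-install step), as an added example that is not part of the original message and not rkhunter or Debian code. The script name, the `hook` argument and both file paths are assumptions; the tracked-file list is assumed to hold one absolute path per line.

```shell
#!/bin/sh
# Added example (hypothetical hook script, not rkhunter or Debian code).
# Assumed apt.conf.d entry:
#   DPkg::Pre-Install-Pkgs { "/usr/local/sbin/rkh-pending hook"; };
# TRACKED_LIST and PENDING are assumed paths; keep both writable by root only.
TRACKED_LIST="${TRACKED_LIST:-/var/lib/rkhunter/tracked.list}"
PENDING="${PENDING:-/var/lib/rkhunter/pending.list}"

# Constructed sample of `dpkg-deb --contents` output, for trying deb_paths.
sample_listing() {
cat <<'EOF'
drwxr-xr-x root/root         0 2008-05-13 14:31 ./usr/bin/
-rwxr-xr-x root/root     12345 2008-05-13 14:31 ./usr/bin/foo
lrwxrwxrwx root/root         0 2008-05-13 14:31 ./usr/bin/bar -> foo
-rw-r--r-- root/root       210 2008-05-13 14:31 ./usr/share/doc/foo/README
EOF
}

# stdin: `dpkg-deb --contents` listing; stdout: absolute paths, no directories.
deb_paths() {
    awk '$1 !~ /^d/ {
        line = $0
        # drop the five leading columns: mode, owner/group, size, date, time
        for (i = 1; i <= 5; i++) sub(/^[^ ]+ +/, "", line)
        sub(/ -> .*$/, "", line)        # symlink target
        sub(/ link to .*$/, "", line)   # hard-link target
        sub(/^\./, "", line)            # "./usr/bin/foo" -> "/usr/bin/foo"
        print line
    }'
}

# stdin: candidate paths; $1: file with one tracked path per line.
# Whole-line fixed-string match, so /usr/bin/foo never matches /usr/bin/foobar.
tracked_in() {
    sort -u | grep -Fx -f "$1" || true
}

# APT writes the .deb file names it is about to install on stdin, one per line.
main() {
    while IFS= read -r deb; do
        case "$deb" in *.deb) dpkg-deb --contents "$deb" | deb_paths ;; esac
    done | tracked_in "$TRACKED_LIST" > "$PENDING"
}

if [ "${1:-}" = "hook" ]; then main; fi
```

The pending list then names only tracked files that a package is about to replace, so a post-install step refreshes those hashes and leaves every other entry in rkhunter.dat untouched.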



