rkhunter: init at 1.4.6 #289850

Draft: wants to merge 1 commit into base: master

D3vil0p3r
Member

Description of changes

rkhunter: scan systems for known and unknown rootkits, backdoors, sniffers and exploits.

Waiting for unhide package.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@D3vil0p3r
Member Author

@a-n-n-a-l-e-e I would like to ask you about this particular case: the upstream installs the tool by ./installer.sh. It writes several config files in $out/etc/rkhunter.conf. This file should be intended to be edited by the user, but $out will be read-only. How is it possible to manage this case?

@ghost

ghost commented Feb 18, 2024

> @a-n-n-a-l-e-e I would like to ask you about this particular case: the upstream installs the tool by ./installer.sh. It writes several config files in $out/etc/rkhunter.conf. This file should be intended to be edited by the user, but $out will be read-only. How is it possible to manage this case?

good question, and i do not know. i haven't had to deal with this yet in my nixpkgs experience.

@eclairevoyant
Contributor

> It writes several config files in $out/etc/rkhunter.conf. This file should be intended to be edited by the user

In that case, continue to let it write to $out, but ensure that it still reads from /etc itself (not /nix/store/.../etc/). Then the end user can use environment.etc and configure it themselves.

@D3vil0p3r
Member Author

> > It writes several config files in $out/etc/rkhunter.conf. This file should be intended to be edited by the user
>
> In that case, continue to let it write to $out, but ensure that it still reads from /etc itself (not /nix/store/.../etc/). Then the end user can use environment.etc and configure it themselves.

How can we make it read from /etc instead of /nix/store/.../etc? And if so, what is the sense to still have $out/etc? Thanks for your answer btw

@eclairevoyant
Contributor

> what is the sense to still have $out/etc?

Packages can only install files into their outputs, $out in this case.

> How can we make it read from /etc instead of /nix/store/.../etc?

Check the code and see if there's some buildtime flag to set, or you'll have to patch it.
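
One way to get the behaviour discussed above without patching the script, as an added example that is not part of this PR or of any comment in the thread: wrap the binary so it always starts with rkhunter's `--configfile` option pointing at /etc, and provide that file through environment.etc. `pkgs.rkhunter` (this PR's unmerged package, assumed to install bin/rkhunter) and `./rkhunter.conf` (a file kept beside the system configuration) are assumptions.

```nix
# Added illustration, not code from this PR.
{ pkgs, ... }:

let
  # Assumption: the package proposed in this PR, exposing bin/rkhunter.
  rkhunter = pkgs.rkhunter;

  # symlinkJoin creates a new store path that links to the package's files,
  # so the original output is untouched and only bin/rkhunter is wrapped.
  rkhunterEtc = pkgs.symlinkJoin {
    name = "rkhunter-etc-config";
    paths = [ rkhunter ];
    nativeBuildInputs = [ pkgs.makeWrapper ];
    postBuild = ''
      # Every invocation now reads /etc/rkhunter.conf instead of the
      # read-only copy under /nix/store/.../etc/.
      wrapProgram "$out/bin/rkhunter" \
        --add-flags "--configfile /etc/rkhunter.conf"
    '';
  };
in
{
  environment.systemPackages = [ rkhunterEtc ];

  # Assumption: ./rkhunter.conf is maintained by the system's administrator,
  # typically starting from a copy of the default the installer wrote to
  # $out/etc/rkhunter.conf. NixOS links it into /etc on activation.
  environment.etc."rkhunter.conf".source = ./rkhunter.conf;
}
```

The packaged default in $out/etc stays in place as a reference copy, while the scanner's effective settings are tracked in the system configuration and change only through a rebuild.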
