Import chkrootkit from pkgsrc-wip. Packaged by Adrian Portelli and

modified by me.

chkrootkit is a tool to locally check for signs of a rootkit.  It
contains:

 * chkrootkit: a shell script that checks system binaries for
   rootkit modification.
 * ifpromisc.c: checks if the network interface is in promiscuous
   mode.
 * chklastlog.c: checks for lastlog deletions.
 * chkwtmp.c: checks for wtmp deletions.
 * check_wtmpx.c: checks for wtmpx deletions.  (Solaris only)
 * chkproc.c: checks for signs of LKM trojans.
 * chkdirs.c: checks for signs of LKM trojans.
 * strings.c: quick and dirty strings replacement.

5 files changed, 88 insertions, 0 deletions

diff --git a/security/chkrootkit/DESCR b/security/chkrootkit/DESCR
new file mode 100644
index 00000000000..b927a834346
--- /dev/null
+++ b/security/chkrootkit/DESCR
@@ -0,0 +1,13 @@
+chkrootkit is a tool to locally check for signs of a rootkit.  It
+contains:
+
+ * chkrootkit: a shell script that checks system binaries for
+   rootkit modification.
+ * ifpromisc.c: checks if the network interface is in promiscuous
+   mode.
+ * chklastlog.c: checks for lastlog deletions.
+ * chkwtmp.c: checks for wtmp deletions.
+ * check_wtmpx.c: checks for wtmpx deletions.  (Solaris only)
+ * chkproc.c: checks for signs of LKM trojans.
+ * chkdirs.c: checks for signs of LKM trojans.
+ * strings.c: quick and dirty strings replacement.
diff --git a/security/chkrootkit/Makefile b/security/chkrootkit/Makefile
new file mode 100644
index 00000000000..70d5bec7ec1
--- /dev/null
+++ b/security/chkrootkit/Makefile
@@ -0,0 +1,45 @@
+# $NetBSD: Makefile,v 1.1.1.1 2004/02/17 15:33:52 minskim Exp $
+#
+
+DISTNAME=		chkrootkit
+PKGNAME=		${DISTNAME}-0.43
+CATEGORIES=		security
+MASTER_SITES=		ftp://ftp.pangeia.com.br/pub/seg/pac/
+
+MAINTAINER=		pancake@phreaker.net
+HOMEPAGE=		http://www.chkrootkit.org/
+COMMENT=		Locally checks for signs of a rootkit
+
+PKG_INSTALLATION_TYPES=	overwrite pkgviews
+
+WRKSRC=			${WRKDIR}/${PKGNAME}
+DIST_SUBDIR=		${PKGNAME}
+USE_GNU_TOOLS+=		make
+USE_BUILDLINK3=		yes
+NO_CONFIGURE=		yes
+
+PROGRAMS=	chkdirs chklastlog chkproc chkwtmp ifpromisc strings-static
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${OPSYS} == "SunOS"
+PROGRAMS+=	check_wtmpx
+PLIST_SUBST+=	WTMPX=""
+CFLAGS+=	-DSOLARIS2
+LDFLAGS+=	-lsocket
+.  if empty(CC_VERSION:Mgcc-*)
+MAKE_ENV+=	STATIC="-B static"
+.  else
+MAKE_ENV+=	STATIC="-static"
+.  endif
+.else
+PLIST_SUBST+=	WTMPX="@comment "
+MAKE_ENV+=	STATIC="-static"
+.endif
+
+INSTALLATION_DIRS+=	bin
+
+do-install:
+	cd ${WRKSRC} && ${INSTALL_PROGRAM} ${PROGRAMS} ${PREFIX}/bin
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/chkrootkit/PLIST b/security/chkrootkit/PLIST
new file mode 100644
index 00000000000..cec8404e14a
--- /dev/null
+++ b/security/chkrootkit/PLIST
@@ -0,0 +1,8 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2004/02/17 15:33:52 minskim Exp $
+${WTMPX}bin/check_wtmpx
+bin/chkdirs
+bin/chklastlog
+bin/chkproc
+bin/chkwtmp
+bin/ifpromisc
+bin/strings-static
diff --git a/security/chkrootkit/distinfo b/security/chkrootkit/distinfo
new file mode 100644
index 00000000000..e0c22ac46d5
--- /dev/null
+++ b/security/chkrootkit/distinfo
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1.1.1 2004/02/17 15:33:52 minskim Exp $
+
+SHA1 (chkrootkit-0.43/chkrootkit.tar.gz) = 58e3693823a9b8ab9b6bb609d54b5716af332a00
+Size (chkrootkit-0.43/chkrootkit.tar.gz) = 33355 bytes
+SHA1 (patch-aa) = c47ecb09d02c710727420a3adfb7d8b62d721f2d
diff --git a/security/chkrootkit/patches/patch-aa b/security/chkrootkit/patches/patch-aa
new file mode 100644
index 00000000000..f28823cda8f
--- /dev/null
+++ b/security/chkrootkit/patches/patch-aa
@@ -0,0 +1,17 @@
+$NetBSD: patch-aa,v 1.1.1.1 2004/02/17 15:33:52 minskim Exp $
+
+--- Makefile.orig	2003-12-26 15:34:10.000000000 -0600
++++ Makefile
+@@ -3,9 +3,9 @@
+ # (C) 1997-2003 Nelson Murilo, Pangeia Informatica, AMS Foundation and others.
+ #
+ 
+-CC       = gcc
+-CFLAGS	 = -DHAVE_LASTLOG_H
+-STATIC   = -static
++#CC       = gcc
++#CFLAGS	 = -DHAVE_LASTLOG_H
++#STATIC   = -static
+ 
+ ###
+ ### Solaris 2.x