1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
#! /bin/sh /usr/share/dpatch/dpatch-run
## logpath.dpatch by Giuseppe Iuculano <giuseppe@iuculano.it>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Read logs from /var/log instead of /var/adm
@DPATCH@
diff -urNad chkrootkit~/README.chklastlog chkrootkit/README.chklastlog
--- chkrootkit~/README.chklastlog 2008-11-24 14:20:06.000000000 +0100
+++ chkrootkit/README.chklastlog 2008-11-25 10:12:24.000000000 +0100
@@ -31,8 +31,8 @@
% cc -o chklastlog chklastlog.c
- To run chklastlog you need read permission on the files /var/adm/wtmp
- and /var/adm/lastlogin. Normally these files are world-readable and
+ To run chklastlog you need read permission on the files /var/log/wtmp
+ and /var/log/lastlog. Normally these files are world-readable and
no special privileges are required to run the checker.
The following is an example of the output of chklastlog.
diff -urNad chkrootkit~/README.chkwtmp chkrootkit/README.chkwtmp
--- chkrootkit~/README.chkwtmp 2008-11-24 14:20:06.000000000 +0100
+++ chkrootkit/README.chkwtmp 2008-11-25 10:11:47.000000000 +0100
@@ -30,7 +30,7 @@
To create chkwtmp under SunOS 4.x, type:
% cc -o chkwtmp chkwtmp.c
- To run chkwtmp you need read permission on the file /var/adm/wtmp.
+ To run chkwtmp you need read permission on the file /var/log/wtmp.
Normally this file is world-readable and no special privileges are
required to run the checker.
diff -urNad chkrootkit~/check_wtmpx.c chkrootkit/check_wtmpx.c
--- chkrootkit~/check_wtmpx.c 2008-11-24 14:20:06.000000000 +0100
+++ chkrootkit/check_wtmpx.c 2008-11-25 10:07:43.000000000 +0100
@@ -30,8 +30,8 @@
#include <fcntl.h>
#include <unistd.h>
-#define WTMP_FILENAME "/var/adm/wtmp"
-#define WTMPX_FILENAME "/var/adm/wtmpx"
+#define WTMP_FILENAME "/var/log/wtmp"
+#define WTMPX_FILENAME "/var/log/wtmpx"
struct file_utmp_entry
diff -urNad chkrootkit~/chklastlog.c chkrootkit/chklastlog.c
--- chkrootkit~/chklastlog.c 2008-11-25 10:06:46.000000000 +0100
+++ chkrootkit/chklastlog.c 2008-11-25 10:21:01.000000000 +0100
@@ -62,10 +62,10 @@
#define LASTLOG_FILENAME "/var/log/lastlog"
#endif
#ifndef WTMP_FILENAME
-#define WTMP_FILENAME "/var/adm/wtmp"
+#define WTMP_FILENAME "/var/log/wtmp"
#endif
#ifndef LASTLOG_FILENAME
-#define LASTLOG_FILENAME "/var/adm/lastlog"
+#define LASTLOG_FILENAME "/var/log/lastlog"
#endif
#define TRUE 1L
diff -urNad chkrootkit~/chkutmp.c chkrootkit/chkutmp.c
--- chkrootkit~/chkutmp.c 2008-11-24 14:20:06.000000000 +0100
+++ chkrootkit/chkutmp.c 2008-11-25 10:13:25.000000000 +0100
@@ -47,7 +47,7 @@
#define MAXLENGTH 256
#define UT_PIDSIZE 12
#if defined(__sun)
-#define UTMP "/var/adm/utmpx"
+#define UTMP "/var/log/utmpx"
#define UT_LINESIZE 12
#define UT_NAMESIZE 8
#define PS_CMD 0
diff -urNad chkrootkit~/chkwtmp.c chkrootkit/chkwtmp.c
--- chkrootkit~/chkwtmp.c 2008-11-25 10:06:46.000000000 +0100
+++ chkrootkit/chkwtmp.c 2008-11-25 10:13:02.000000000 +0100
@@ -36,7 +36,7 @@
#define WTMP_FILENAME "/var/log/wtmp"
#else
#ifndef WTMP_FILENAME
-#define WTMP_FILENAME "/var/adm/wtmp"
+#define WTMP_FILENAME "/var/log/wtmp"
#endif
#endif
|
