{"id":20163448,"url":"https://github.com/sjinks/yum-plugin-rkhunter","last_synced_at":"2025-06-13T11:36:41.274Z","repository":{"id":77875015,"uuid":"137946996","full_name":"sjinks/yum-plugin-rkhunter","owner":"sjinks","description":"Yum plugin to automatically update rkhunter's file property database after RPM transactions","archived":false,"fork":false,"pushed_at":"2023-08-11T19:17:52.000Z","size":21,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-01-13T14:22:08.709Z","etag":null,"topics":["rkhunter","rpm","security","yum-plugin"],"latest_commit_sha":null,"homepage":"https://wildwolf.name/how-to-integrate-rkhunter-with-yum/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sjinks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":["https://www.paypal.com/donate/?hosted_button_id=SAG6877JDJ3KU","https://send.monobank.ua/jar/7rosVfiwKM"]}},"created_at":"2018-06-19T21:21:42.000Z","updated_at":"2023-07-30T11:19:11.000Z","dependencies_parsed_at":"2024-11-14T00:39:56.302Z","dependency_job_id":null,"html_url":"https://github.com/sjinks/yum-plugin-rkhunter","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sjinks%2Fyum-plugin-rkhunter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sjinks%2Fyum-plugin-rkhunter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sjinks%2Fyum-plugin-rkhunter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sjinks%2Fyum-plugin-rkhunter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sjinks","download_url":"https://codeload.github.com/sjinks/yum-plugin-rkhunter/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241600493,"owners_count":19988715,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["rkhunter","rpm","security","yum-plugin"],"created_at":"2024-11-14T00:29:39.374Z","updated_at":"2025-03-03T03:12:13.336Z","avatar_url":"https://github.com/sjinks.png","language":"Python","funding_links":["https://www.paypal.com/donate/?hosted_button_id=SAG6877JDJ3KU","https://send.monobank.ua/jar/7rosVfiwKM"],"categories":[],"sub_categories":[],"readme":"# dnf-plugin-rkhunter and yum-plugin-rkhunter\n\nThese plugins are designed to automate the update of rkhunter's file property database after RPM transactions if 'rkhunter --check' returns 0. The idea is borrowed from Debian's rkhunter package, where `dpkg` can be instructed to run `rkhunter --propupd` after each install/upgrade/removal operation automatically, so the user doesn't have to type `rkhunter --propupd` manually.\n\n## Installation\n### Manual Installation\n\n#### dnf-plugin-rkhunter.py\nCopy `dnf-plugin-rkhunter.py` to `/usr/lib/python3.6/site-packages/dnf-plugins/`:\n\n```bash\nsudo cp dnf-plugin-rkhunter.py /usr/lib/python3.6/site-packages/dnf-plugins/\n```\n\nActivate plugins:\n```ini\n# /etc/dnf/dnf.conf\nplugins=1\n```\n\n#### yum-plugin-rkhunter.py\nCopy `yum-plugin-rkhunter.py` to `/etc/yum/pluginconf.d/`:\n\n```bash\nsudo cp yum-plugin-rkhunter.py /etc/yum/pluginconf.d/\n```\n\ncopy 'yum-plugin-rkhunter.conf' to '/etc/yum/pluginconf.d/':\n```bash\nsudo cp yum-plugin-rkhunter.conf /etc/yum/pluginconf.d/\n```\n\nActivate plugins:\n```ini\n# /etc/yum.conf\nplugins=1\n```\n\n## Notes\n* Just like in Debian, if 'hashes' and 'attributes' tests are disabled, the property database is **not** updated automatically:\n```bash\nif ! grep -qsE '^DISABLE_TESTS=.*(hashes.*attributes|attributes.*hashes|properties)' /etc/rkhunter.conf /etc/rkhunter.conf.local || \\\n     grep -qsE '^ENABLE_TESTS=.*(hashes|attributes|properties)' /etc/rkhunter.conf /etc/rkhunter.conf.local; then\n         rkhunter --propupd --nolog\nfi\n```\n\n* Both plugins have been extended with an automatic `rkhunter --check` that is launched in the 'pre_transaction' phase for DNF and in the 'init' phase for Yum. It can be temporarily excluded by running DNF/Yum with the `--disableplugin=dnf-plugin-rkhunter` or `--disableplugin=yum-plugin-rkhunter` flag, respectively.\n* Both plugins check for changes with `rkhunter --check`; if the check is passed, they update the property database with `rkhunter --propupd` after each RPM transaction.\n\n**Both plugins come with two SECURITY WARNINGS** (copied from README.Debian):\n* When using automatic database update after each package install/upgrade, an attacker could replace a file after it is installed and before `rkhunter --propupd` is run. On highly protected machines, it is recommended to disable automatic database updates.\n* It is the users' responsibility to ensure that the files on the system are genuine and from a reliable source. Rkhunter can only report if a file has changed, but not on what has caused the change. Hence, if a file has changed and the `--propupd` command option is used, then rkhunter will assume that the file is genuine.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsjinks%2Fyum-plugin-rkhunter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsjinks%2Fyum-plugin-rkhunter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsjinks%2Fyum-plugin-rkhunter/lists"}