From 8f805fb66b79ccb1393e393b065e4f7216329272 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Pawe=C5=82=20Go=C5=82aszewski?= <blues@pld-linux.org>
Date: Wed, 13 Feb 2002 15:34:57 +0000
Subject: [PATCH] - check periodicaly from cron

Changed files:
    chkrootkit-check -> 1.1
    chkrootkit.sysconfig -> 1.1
---
 chkrootkit-check     | 14 ++++++++++++++
 chkrootkit.sysconfig |  5 +++++
 2 files changed, 19 insertions(+)
 create mode 100644 chkrootkit-check
 create mode 100644 chkrootkit.sysconfig

diff --git a/chkrootkit-check b/chkrootkit-check
new file mode 100644
index 0000000..ae7864e
--- /dev/null
+++ b/chkrootkit-check
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Get service config
+[ -f /etc/sysconfig/aide ] && . /etc/sysconfig/aide
+
+DATA=`date`
+SYSTEM=`hostname`
+
+/usr/bin/chkrootkit | /bin/egrep -v '(not (infected|found|promisc)|nothing (found|detected|deleted)|no suspect files|ROOTDIR is)' > /var/tmp/$$
+LIN=`grep -c . /var/tmp/$$`
+if [ "$LIN" -gt "1" ]; then
+	mail -s "CHKROOTKIT $SYSTEM $DATA" $CHKROOTKIT_MAILTO < /var/tmp/$$
+fi
+rm -f /var/tmp/$$
diff --git a/chkrootkit.sysconfig b/chkrootkit.sysconfig
new file mode 100644
index 0000000..e923f30
--- /dev/null
+++ b/chkrootkit.sysconfig
@@ -0,0 +1,5 @@
+# Customized setings for chkrootkit
+
+# Define who should get mail with chkrootkit report
+CHKROOTKIT_MAILTO=root
+
-- 
2.44.0