5 files changed, 62 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index e615fa0ca698..3b3e917a3d6f 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -817,6 +817,7 @@
     SUBDIR += regripper
     SUBDIR += regripperplugins
     SUBDIR += retranslator
+    SUBDIR += revealrk
     SUBDIR += revelation
     SUBDIR += rifiuti2
     SUBDIR += rkhunter
diff --git a/security/revealrk/Makefile b/security/revealrk/Makefile
new file mode 100644
index 000000000000..8d353c109ca7
--- /dev/null
+++ b/security/revealrk/Makefile
@@ -0,0 +1,27 @@
+# $FreeBSD$
+
+PORTNAME=	revealrk
+PORTVERSION=	1.0.1
+CATEGORIES=	security
+MASTER_SITES=	SF/${PORTNAME}/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	fbsd-ports@opsec.eu
+COMMENT=	Search hidden procs/rootkits from cron with low false positive rate
+
+LICENSE=	GPLv3
+
+PLIST_FILES=	bin/revealrk
+MAN1=		revealrk.1
+
+MANCOMPRESSED=	yes
+NO_MANCOMPRESS=	yes
+
+USE_SCONS=	yes
+.if !empty(PREFIX)
+SCONS_ARGS=	--prefix=${PREFIX}
+.else
+SCONS_ARGS=	--prefix=${LOCALBASE}
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/revealrk/distinfo b/security/revealrk/distinfo
new file mode 100644
index 000000000000..cfb90f7c6a65
--- /dev/null
+++ b/security/revealrk/distinfo
@@ -0,0 +1,2 @@
+SHA256 (revealrk-1.0.1.tgz) = 7da7bd1709d06e5771c5c6d9c147ae1613f24c04633693e14afeee004d7cb844
+SIZE (revealrk-1.0.1.tgz) = 34039
diff --git a/security/revealrk/files/patch-SConstruct b/security/revealrk/files/patch-SConstruct
new file mode 100644
index 000000000000..a307f9f841e7
--- /dev/null
+++ b/security/revealrk/files/patch-SConstruct
@@ -0,0 +1,22 @@
+--- SConstruct.orig	2013-01-04 23:07:07.000000000 +0100
++++ SConstruct	2013-01-04 23:08:37.000000000 +0100
+@@ -13,7 +13,7 @@
+ pkg_files = prog_files + Split('revealrk.1 SConstruct changelog license.txt README INSTALL cron.example Makefile config.h')
+ 
+ debug     = not ARGUMENTS.get('debug', '0').lower() in ['0', 'false', 'no']
+-prefix    = GetOption('prefix') or '/'
++prefix    = GetOption('prefix') or '/usr'
+ clean_all = not GetOption('clean_all') is None
+ static    = not GetOption('static') is None
+ build_tgz = not GetOption('tgz') is None
+@@ -147,8 +147,8 @@
+         conf.env.Append(LINKFLAGS = ' -static')
+     env = conf.Finish()
+ 
+-env.Alias('install', env.AddPostAction(env.Install(prefix + '/usr/bin', target), env.Action('strip ' + prefix + '/usr/bin/' + target)))
+-env.Alias('install', env.AddPostAction(env.Install(prefix + '/usr/share/man/man1', target + '.1'), env.Action('gzip -f ' + prefix + '/usr/share/man/man1/' + target + '.1')))
++env.Alias('install', env.AddPostAction(env.Install(prefix + '/bin', target), env.Action('strip ' + prefix + '/bin/' + target)))
++env.Alias('install', env.AddPostAction(env.Install(prefix + '/man/man1', target + '.1'), env.Action('gzip -f ' + prefix + '/man/man1/' + target + '.1')))
+ 
+ if clean_all:
+     env.Clean('distclean', Split('config.log .sconf_temp .sconsign.dblite'))
diff --git a/security/revealrk/pkg-descr b/security/revealrk/pkg-descr
new file mode 100644
index 000000000000..47ef875dc0ae
--- /dev/null
+++ b/security/revealrk/pkg-descr
@@ -0,0 +1,10 @@
+
+revealrk searches for hidden processes. If you have a kernel mod
+rootkit loaded into memory without hiding any process, don't expect
+to find anything.
+
+Reveal RootKit is intended to run out of cron or similar services
+on a regular basis and avoids verbose output as long as nothing was
+found.
+
+WWW: http://sourceforge.net/projects/revealrk