stealth (4.03.03) * Published Stealth 4.03.02 too early. Use 4.03.03 instead -- Frank B. Brokken Mon, 12 Sep 2022 15:44:15 +0200 stealth (4.03.02) * Ready for libbobcat6 * Added 'c++std' defining the c++ standard to use for compilation. Compilation commands also use -Werror * The 'build' script defines the command 'build manual', replacing 'build uguide' * Removed the unused '\usepackage[...]{hyperref}' from './documentation/manual/stealth.sty' -- Frank B. Brokken Mon, 12 Sep 2022 15:19:28 +0200 stealth (4.03.01) * Removed overlooked comment in main() causing stealth to only look at its command line arguments, without performing other actions. * Updated the affiliation in the man-page and manual. -- Frank B. Brokken Wed, 06 Oct 2021 22:12:06 +0200 stealth (4.03.00) * Removed -q from the build script * Repaired the icmake/findall function * Documentation is stored under (usr/share/doc/){stealth,stealth/scripts,stealth-doc} -- Frank B. Brokken Wed, 30 Jun 2021 12:05:05 +0200 stealth (4.02.00) * Requires bobcat >= 5.00.00 -- Frank B. Brokken Wed, 24 Apr 2019 12:35:54 +0200 stealth (4.01.11) * Migrated from Github to Gitlab. -- Frank B. Brokken Tue, 19 Jun 2018 17:57:30 +0530 stealth (4.01.10) * Added texlive-latex-extra to 'required' * Specified c++17 as the C++ standard to use in INSTALL.im -- Frank B. Brokken Thu, 18 Jan 2018 11:06:51 +0100 stealth (4.01.09) * New compilation needed for bobcat 4.08.02 * Cosmetics on the icmconf configuration file (e.g., std=c++14 not specified anymore since that's currently the default) -- Frank B. Brokken Fri, 22 Sep 2017 08:57:53 +0200 stealth (4.01.08) * New compiler releases required #include in integrityscanner.ih. No further implementation changes or changes in Stealth's behavior. -- Frank B. Brokken Thu, 31 Aug 2017 16:27:52 +0200 stealth (4.01.07) * Replaced no longer supported Yodl tags startit() ... endit() by itemization( ... ) -- Frank B. Brokken Mon, 07 Aug 2017 15:27:20 +0200 stealth (4.01.06) * Implemented Svante Signell's (via Tony Mancill) patch to return the current working directory (options/getcwd.cc). -- Frank B. Brokken Wed, 19 Apr 2017 11:57:44 +0200 stealth (4.01.05) * Fixed typos reported by Lintian * Updated the overview of required software in 'required' -- Frank B. Brokken Sat, 14 May 2016 14:16:00 +0530 stealth (4.01.04) * Streamlined the `build install' actions * Requiring icmake 8.00.05 -- Frank B. Brokken Thu, 24 Dec 2015 12:51:21 +0100 stealth (4.01.03) * Adapted build scripts to icmake 8.00.04 -- Frank B. Brokken Sun, 20 Dec 2015 11:56:40 +0100 stealth (4.01.02) * Kevin Brodsky observed that the installation scripts used 'chdir' rather than 'cd'. Fixed in this release. * Kevin Brodsky also observed that the combined size of all precompiled headers might exceed some disks capacities. The option -P was added to the ./build script to prevent the use of precompiled headers. -- Frank B. Brokken Mon, 05 Oct 2015 21:18:02 +0200 stealth (4.01.01) * Standardized the (de)installation procedures -- Frank B. Brokken Sat, 03 Oct 2015 18:26:05 +0200 stealth (4.01.00) * Added option --ping, verifying whether a stealth daemon is still available. See the man-page for details. * Updated the /usr/bin/stealthcron script, e.g., calling logger when stealth was restarted. -- Frank B. Brokken Sat, 07 Mar 2015 14:49:08 +0100 stealth (4.00.00) * Stealth 4.00.00 uses Unix Domain Sockets instead of signals to communicatie with the stealth monitor running as a daemon. * Previously required absolute file paths are no longer required. When relative file paths are used with the Stealth daemon or with Stealth doing an integrity scan as foreground process they are interpreted relatively to the current working directory, or (when specified in the policy file) relative to the USE BASE location. With Stealth running in IPC mode relative file paths are interpreted relative to the directory in which Stealth running in IPC mode was started. * A README.flow file is provided with several separately provided illustrative images in the directory documentation/images. Similarly: README.messages describes the organization of log/mail message handling. * Specifications for the logrotate specifications should use 'copytruncate' and 'sharedscripts' (see the man-page for an example). * share/usr/bin/stealthcron now specifies a Unix Domain Socket (usage not changed). * Fixed compilation errors that emerged with g++-5, reported by Matthias Klose. -- Frank B. Brokken Sat, 07 Feb 2015 21:14:30 +0100 stealth (3.00.00) * Version 3.00.00 completely reorganizes and refactors Stealth's components. Long functions were split into shorter ones and several new classes were defined, resulting in better compartmentalization of tasks. * At the program's logical flow level continuation and related flow control was re-implemented, using, e.g., Bobcat's FBB::Signal class to handle signals. Also, wait facilities based on sleep(3) selector(3bobcat) were replaced by C++11 facilities using mutexes and condition variables. * Stealth's cross-refeence information is added to the source archive, installed by default in EXTRA/stealth.xref.gz (cf. INSTALL.im for the actual EXTRA location. * The manual and man-pages received a complete overhaul. * See the manual's `What's new' section for an overview of changes that are immediatly relevant at the user-level. E.g., the option --keep-alive is no longer supported. * The manual's .pdf version now offers clickable hyperlinks. * Several README.* files were added. In particular: README.3.00.00 summarizes the changes from stealth 2.12.00 to stealth 3.00.00 -- Frank B. Brokken Fri, 29 Aug 2014 12:52:15 +0200 stealth (2.12.00) * Fixed a bug preventing stealth runs to end when a command returns a non-zero exit value * Replaced obsolete Errno calls by Exception calls stealth (2.11.04) * Fixed a compilation error with clang, reported by Nicolas Sevelin-Radiguet. * Removed superfluous patch-files 01_include_errno.patch and clang_FTBFS_ambiguous-declaration.patch -- Frank B. Brokken Thu, 24 Apr 2014 16:20:24 +0200 stealth (2.11.03) * In Stealth's man-page and manual -perm -xxxx was replaced by -perm /xxxx, as per the POSIX standard. -- Frank B. Brokken Sat, 15 Jun 2013 14:34:42 +0200 stealth (2.11.02) * Stealth returns 0 for options --help and --version * Catching Errno exceptions is replaced by catching std::exception exceptions -- Frank B. Brokken Fri, 25 Jan 2013 11:15:36 +0100 stealth (2.11.01) * Construction of ps and pdf versions of the stealth manual was accidenally dropped in releases after 2.10.00. The ps and pdf versions are now available again. -- Frank B. Brokken Wed, 23 Jan 2013 10:20:20 +0100 stealth (2.11.00) * The policy file may contain a USE DIFFPREFIX specification specifying the number of characters the diff command adds to lines produced by, e.g., CHECK commands. * Path locations in the output of program are by default recognized by the first forward-slash found in output lines. CHECK commands now also support a column offset specifying the offset where path locations start. This allows commands to write slashes before path specifications. * Filenames may contain blanks. A path specification in output of programs begins at the first forward slash or at the line offset defines with a CHECK command, and continues until the last non-blank character on lines. * Stealth now returns 0 when options --version and/or --help are specified. * Some icmake specific changes: CLASSES defines the class dependencies; and icmconf specifies #define USE_ALL "a" -- Frank B. Brokken Sun, 20 Jan 2013 16:40:53 +0100 stealth (2.10.01) * The following #defines in INSTALL.im can be overruled by defining identically named environment variables: CXX defines the name of the compiler to use. By default `g++' CXXFLAGS the options passed to the compiler. By default `-Wall --std=c++0x -O2 -g' LDFLAGS the options passed to the linker. By default no options are passed to the linker. * Documentation files are now under ./documentation -- Frank B. Brokken Tue, 17 Jul 2012 16:22:02 +0200 stealth (2.10.00) * --reload pidfile reloads the configuration files * When specifying a directory with --skipfiles all entries below that directory are skipped. -- Frank B. Brokken Sat, 16 Jun 2012 15:03:36 +0200 stealth (2.04.00) * Added detection of invalid child process command texts: commands not resulting in an exit value are considered invalid and terminate Stealth. (scanner/testexitvalue.cc) * Added cross reference listing to the standard documentation (stealth.xref) -- Frank B. Brokken Sun, 03 Jun 2012 15:11:30 +0200 stealth (2.03.00) * Spurious [Fatal] message when starting stealth are prevented * This version expects Bobcat >= 3.00.00 -- Frank B. Brokken Sat, 05 May 2012 10:47:41 +0200 stealth (2.02.02) * Recompilation and minor modifications to prepare for g++ 4.7 * YEARS updated -- Frank B. Brokken Sun, 08 Jan 2012 14:42:34 +0100 stealth (2.02.01) * Removed FnWrap* calls from Stealth's sources * `build' script now recognizes CXXFLAGS and LDFLAGS for, resp. g++ and ld flags. Default values are set in INSTALL.im, as before. -- Frank B. Brokken Sun, 26 Jun 2011 14:24:10 +0200 stealth (2.02.00) * The file specifying the names of files whose integrity should not be checked may contain empty lines and lines whose 1st non-blank characters start with #. Such lines are ignored. * The 'build' script now uses the -g option by default (set in INSTALL.im). To modify the g++ compilation options change the #define CPPOPT in INSTALL.im. By default it is set to "-O2 -g". To modify the flags `on the fly' set the environment variable CPPFLAGS, overruling CPPOPT. The option "-Wall" is always used and should not be altered. -- Frank B. Brokken Tue, 07 Jun 2011 13:06:18 +0200 stealth (2.01.00) * Stealthcleanup now has a -v flag, showing its actions * Following an upgrade to bobcat 2.11.00 stealth should be recompiled * Identifiers in #defines in configuration files may now also contain hyphens and underscores. * The message about 'can't read Mstream...' when stealth started with --keep-alive is now prevented * Stealth's timestamp now is according to the rfc 2822 format, using UTC * Inclusion and exclusion diff-output are again part of the report. Due to an omitted else in scanner/nodifferences only the > (old) parts were shown. -- Frank B. Brokken Sat, 05 Feb 2011 12:38:23 +0100 stealth (2.00.1) * Documentation requires >= Yodl 3.00.0 -- Frank B. Brokken Wed, 10 Nov 2010 10:38:49 +0100 stealth (2.00.0) * Changed Errno::what() call to Errno::why() * Repaired handling of the -o flag (wasn't working: checked for option "o" rather than 'o'. * Implemented option -s (--skip-files) to skip the integrity-test of specified files. When appearing in the logs so far the initial appearance of a path in the file containing the files to skip results in a log-message "SKIPPING" * A full overhaul of Stealth's sources warrants an upgrade of the major version to 2. * replacing Msg by Mstream and Errno facilities * NOTE: requires bobcat 2.09.00 or later stealth (1.47.4) * Added g++ option --std=c++0x to match the latest Bobcat library * Stealth is now by default installed in /usr/bin (instead of /usr/sbin) as non-root users are also able to use stealth, e.g., to monitor the integrity of their own files. Stealth support scripts (stealthcleanup, stealthcron, stealthmail) are found by default in in /usr/share/doc/stealth/scripts/usr/bin and you might want to install them in /usr/bin rather than /usr/sbin, as suggested previously. **MAKE SURE** that `/sbin/' is changed to `/bin/' in any scripts you may use to activate stealth (e.g. /etc/cron.d/stealth, calling stealthcron) -- Frank B. Brokken Thu, 03 Sep 2009 13:52:38 +0200 stealth (1.47.3) * Build script's `manual-tmp' removed, reactivated `manual'. Build now allows separate installation of program, man-page and manual -- Frank B. Brokken Mon, 30 Mar 2009 09:53:39 +0200 stealth (1.47.2) * Minor changes wrt Process object definitions to prevent `obsolete' warnings from by now (since bobcat 1.21.1) obsolete Process constructors. Also, the Process mail constructor no longer needs to call the mail program as a command to /bin/sh. -- Frank B. Brokken Fri, 24 Oct 2008 14:37:19 +0200 stealth (1.47.1) * Defined the --max-get-size option to restrict the size of files that can be received from a target system. By default 10M. * As the MD5 hash is no longer considered to be cryptographically secure, stealth users should now use an alternative way to compute hash-values. It is suggested to switch to SHA1 hash computations. All stealth documentation was updated accordingly. stealth (1.46.1) * Introduced sub-sub-version numbers for minor changes * The `build' script no longer automatically strips the binary stealth (1.46) * Stealth's icmake scripts adapted to work with icmake > V 7.00 as well. * Random interval based activation time clarified and implementation slightly changed. Man-page and manual changed accordingly Examples now have `find' options (like -xdev) at their proper places. * Provded the stealthmail script with a sorting filter, filtering only the ADDED, MODIFIED and DELETED messages from mail generated by stealth. * Version distribution changed. Latest version now expected in VERSION stealth (1.45) * The previously used scripts below make/ are obsolete and were removed from this and future distributions. Icmake should be used instead, for which a top-level script (build) and support scripts in the ./icmake/ directory are available. Icmake is available on a great many architectures. See the file INSTALL (and INSTALL.im, replacing the previously used INSTALL.cf) for further details. * All plain `unsigned' variables were changed to `size_t' stealth (1.44) unstable; urgency=low * License changed to the GNU GENERAL PUBLIC LICENSE. See the file `copyright'. * Introduced George Danchev as uploader * From now on this file will contain the `upstream' changes. The Debian related changes are in changelog.Debian.gz -- Frank B. Brokken Wed, 19 Jul 2006 12:57:17 +0200 stealth (1.43) unstable; urgency=low * Following suggestions made by George Danchev, this version was compiled by the unstable's g++ compiler (version >= 4.1), which unveiled several flaws in the library's class header files. These flaws were removed (i.e., repaired). * In order to facilitate compiler selection, the compiler to use is defined in the INSTALL.cf file. * The debian control-files (i.e., all files under the debian subdirectory) were removed from the source distribution, which is now also named in accordance with the Debian policy. A diff.gz file was added. -- Frank B. Brokken Thu, 6 Jul 2006 12:24:58 +0200 stealth (1.42) unstable; urgency=low * When a (remote) CHECK command failed to return 0, Stealth didn't properly terminate. This was repaired by changing the return value of Reporter::relax() to type bool, returning d_continue. This return value is now checked in Monitor::control(). If not true, the Monitor::control() loop terminates, thus terminating the program with exit value 1. * make/install script now defines PREFIX=/ if called without argument. -- Frank B. Brokken Mon, 26 Jun 2006 09:27:34 +0200 stealth (1.41c) unstable; urgency=low * Stealth was `lintianized' and `lindanized'. The info in debian's control file was adapted. As the bobcat libraries are now in libbobcat1 *packages, stealth's dependencies were adapted accordingly. -- Frank B. Brokken Sun, 28 May 2006 12:39:15 +0200 stealth (1.41b) unstable; urgency=low * Recompilation because of changes in the bobcat library. This version of Stealth depends on bobcat 1.7.0. No changes to Stealth itself. The compilation dependency for the g++ compiler has been restored. -- Frank B. Brokken Tue, 2 May 2006 21:37:31 +0200 stealth (1.41a) unstable; urgency=low * Minor changes to the make/library script, adapted the program's release years. Dependency check in debian/control for g++ removed since it fails for unkown reasons. The version should be >= 4.0.2 -- Frank B. Brokken Wed, 1 Feb 2006 12:46:01 +0100 stealth (1.41) unstable; urgency=low * Library requirement up-to-date: bobcat 1.6.0 -- Frank B. Brokken Mon, 26 Dec 2005 19:17:24 +0100 stealth (1.40) unstable; urgency=low * all local Pattern objects are now static data members * removed: superfluous stealth.doc-base; debugmacro; classes arg, configfile, errno fdout fork ifdnbuf pattern pipe selector (now in bobcat) * Renamed all .h2 headers to my standard .ih names: util, configsorter, reporter scanner * Reporter::reset() now calls Reporter::rewind() * Reporter uses d_hasMail data member instead of d_sizeBeyondHeader: d_hasMail can simply be set to false following the writing of the header, and then to true at each sync() command. * added: Reporter::exit(), first inserting the message into the reporter, then to cerr, and exiting. * fatal error messages are no longer suppressed with -q * man(ual) pages adapted accordingly. -- Frank B. Brokken Mon, 26 Dec 2005 18:23:25 +0100 stealth (1.35) unstable; urgency=low * Recompilation using g++-4.0. Requires bobcat >= 1.4.0 -- Frank B. Brokken Sat, 19 Nov 2005 16:47:28 +0100 stealth (1.34) unstable; urgency=low * Removed dependencies on `icmake'. See the file `INSTALL' for details about compiling and installing `stealth' from the source package, rather than from the binary (.deb) package. Stealth's functionality has not been altered. -- Frank B. Brokken Sun, 4 Sep 2005 15:11:46 +0200 stealth (1.33) unstable; urgency=low * With the advent of the bobcat library (Brokken's Own Base Classes And Templates) various classes were removed from stealth's distribution: Arg, Configfile, Errno, Fork, Hashclasses, Ifdstreambuf, Ofdbuf, Pattern, and Pipe. Also, the manual pages were adapted to reflect the fact that I'm distributing Debian (source and binary) packages, rather than pure source packages. No further change in functionality was implemented. To compile stealth bobcat-dev is required, to run the binary bobcat itself. See http://bobcat.sourceforge.net and http://sourceforge.net/projects/bobcat for further information about bobcat. -- Frank B. Brokken Sat, 20 Aug 2005 15:35:32 +0200 stealth (1.32) unstable; urgency=low * Version 1.31 was not distributed. Version 1.32 offers identical user options as V 1.31, but has some minor internal improvements in its code over 1.31. In particular, a running stealth process will signal its suppressor that it's ready. This simplifies the construction of, e.g., logrotate scripts. * Note btw that the date and timestamps in this file are CET (+ DST when active) -- Frank B. Brokken Mon, 1 Aug 2005 10:49:36 +0200 stealth (1.31) unstable; urgency=low * Added --suspend and --resume options allowing logfile rotations on a keepalive running stealth process. Changed the manual page using standard manpage*() macros instead of SUBST()s * Internally, a Monitor class was added, exercising and taking over much of the control functionality of the Scanner class -- Frank B. Brokken Sat, 30 Jul 2005 00:13:14 +0200 stealth (1.30-2a) unstable; urgency=low * Stupid: forgot to update the program's version itself :-( Now it's 1.30-2a -- Frank B. Brokken Tue, 27 Apr 2004 17:56:54 +0200 stealth (1.30-2) unstable; urgency=low * Repaired bug in Scanner::Scanner(): The process-id's of the SH and SSH programs were assigned before IOFORK::fork() was executed, so they received undefined values. This was repaired by assigning the d_shPid and d_sshPid assignments to the Scanner::preamble() function. * Also, the call to killChildren() at the end of stealth's main() function (in stealth.cc) was superfluous, as the atexit() call in preamble already ensures that the childprocesses are called. * Finally, the Yodl manual files are adapted to Yodl V. >= 2.00. The /usr/local/share/yodl/macros.yo file isn't required anymore, and the XXsloppyhfuzz undefinition was changed into a call of nosloppyhfuzz(). -- Frank B. Brokken Tue, 27 Apr 2004 17:39:17 +0200 stealth (1.30-1) unstable; urgency=low * --keep-alive, --terminate and --rerun require the name of a file in which the process id of the running stealth process is stored. This file will be writen when the --keep-alive flag is used, read by the other two and removed by the corresponding stealth process when it terminates. Manpages and docs updated accordingly. -- Frank B. Brokken Wed, 17 Dec 2003 09:21:11 +0100 stealth (1.30) unstable; urgency=low * --terminate, --rerun, --repeat and --keep-alive flags were added to allow stealth to keep an existing connection for longer periods of time. Manpages and docs updated accordingly -- Frank B. Brokken Fri, 12 Dec 2003 12:45:45 +0100 stealth (1.22-0) unstable; urgency=low * Added GET and PUT. Put allows stealth to put files to the client using the existing ssh connection. -- Frank B. Brokken Wed, 26 Nov 2003 21:25:02 +0100 stealth (1.21-0) unstable; urgency=low * Added the GET command, allowing stealth to retrieve files from the client for, e.g., local inspection, without requiring an additional ssh connection. -- Frank B. Brokken Sat, 22 Nov 2003 13:55:40 +0100 stealth (1.20-2) unstable; urgency=low * New buildscripts added for man(ual) pages. This file will take over from CHANGELOG which logged the original, non-Debian distribution. -- Frank B. Brokken Fri, 20 Jun 2003 17:21:42 +0200 stealth (1.20-1) unstable; urgency=low * Initial Release. -- Frank B. Brokken Wed, 18 Jun 2003 12:13:41 +0200