#!/bin/sh
#
#   /usr/lib/rkhunter/adminutils/create_defaulthashes -- part of Rootkit Hunter
#
#   Purpose: updates MD5 signatures of your binary stuff.
#
#   Uses GnuPG for signing created list:
#    - you should have already generated GPG key
#    - should be executed interactively for passing key password
#

cd /var/lib/rkhunter/db
tstamp=$(LANG=en date '+%Y%m%d_%H%M%S')
for f in defaulthashes.dat defaulthashes.dat.asc defaulthashes.dat.sig; do
    test -f "$f" && mv -f "$f" "$f.saved.$tstamp"
done


cd /usr/lib/rkhunter/adminutils
./rpmhashes.sh > /var/lib/rkhunter/db/defaulthashes.dat
# ./createhashes.sh >> /var/lib/rkhunter/db/defaulthashes.dat

cd /var/lib/rkhunter/db
gpg --detach-sign --armor --yes defaulthashes.dat
gpg --verify defaulthashes.dat.asc

echo "
Don't forget to repeat this command after every software upgrade!"

## EOF ##
