--- chkrootkit-0.45/chkrootkit.libpath 2005-02-22 15:57:31 +0300 +++ chkrootkit-0.45/chkrootkit 2005-03-15 02:16:45 +0300 @@ -3,6 +3,7 @@ # $Id: chkrootkit, v 0.45 2005/02/22 CHKROOTKIT_VERSION='0.45' +CHKROOTKIT_DIR=/usr/lib/chkrootkit # Authors: Nelson Murilo (main author) and # Klaus Steding-Jessen @@ -149,23 +150,23 @@ fi if [ "${EXPERT}" = "t" ]; then - expertmode_output "./ifpromisc" -v + expertmode_output "$CHKROOTKIT_DIR/ifpromisc" -v return 5 fi - if [ ! -x ./ifpromisc ]; then - echo "not tested: can't exec ./ifpromisc" + if [ ! -x $CHKROOTKIT_DIR/ifpromisc ]; then + echo "not tested: can't exec $CHKROOTKIT_DIR/ifpromisc" return ${NOT_TESTED} else - [ "${QUIET}" != "t" ] && ./ifpromisc -v || ./ifpromisc -q + [ "${QUIET}" != "t" ] && $CHKROOTKIT_DIR/ifpromisc -v || $CHKROOTKIT_DIR/ifpromisc -q fi } chkutmp() { - if [ ! -x ./chkutmp ]; then - echo "not tested: can't exec ./chkutmp" + if [ ! -x $CHKROOTKIT_DIR/chkutmp ]; then + echo "not tested: can't exec $CHKROOTKIT_DIR/chkutmp" return ${NOT_TESTED} fi - if ./chkutmp + if $CHKROOTKIT_DIR/chkutmp then if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi fi @@ -173,8 +174,8 @@ } z2 () { - if [ ! -x ./chklastlog ]; then - echo "not tested: can't exec ./chklastlog" + if [ ! -x $CHKROOTKIT_DIR/chklastlog ]; then + echo "not tested: can't exec $CHKROOTKIT_DIR/chklastlog" return ${NOT_TESTED} fi 
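Review bot: `CHKROOTKIT_DIR=/usr/lib/chkrootkit` is added without a comment, and every later hunk expands it unquoted (`$CHKROOTKIT_DIR/ifpromisc`, `$CHKROOTKIT_DIR/chkutmp`, `$CHKROOTKIT_DIR/chkproc`, and so on). The point of the variable is that helpers are now run from a fixed absolute directory rather than from the caller's working directory, and that should be stated beside the assignment, e.g. `# Helper binaries are run from this fixed directory, never from the cwd; keep it writable by root only.` Quoting the expansions (`"$CHKROOTKIT_DIR/ifpromisc"`) would keep each path a single word if the directory is ever repointed to one containing whitespace.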
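Review bot: `[ "${QUIET}" != "t" ] && $CHKROOTKIT_DIR/ifpromisc -v || $CHKROOTKIT_DIR/ifpromisc -q` is not an if/else. When QUIET is off and `ifpromisc -v` exits non-zero, the `-q` run executes as well, so the helper runs twice and the function's status comes from the second run. An explicit form avoids that: `if [ "${QUIET}" != "t" ]; then "$CHKROOTKIT_DIR/ifpromisc" -v; else "$CHKROOTKIT_DIR/ifpromisc" -q; fi`. In the same function, `expertmode_output "$CHKROOTKIT_DIR/ifpromisc" -v` passes `-v` as a second argument while every other call in this patch passes one string; if `expertmode_output` reads only `$1` (its definition is outside the diff), the flag is dropped. The enclosing function starts before the hunk.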
@@ -187,32 +188,32 @@ fi if [ "${EXPERT}" = "t" ]; then - expertmode_output "./chklastlog -f ${WTMP} -l ${LASTLOG}" + expertmode_output "$CHKROOTKIT_DIR/chklastlog -f ${WTMP} -l ${LASTLOG}" return 5 fi - if ./chklastlog -f ${WTMP} -l ${LASTLOG} + if $CHKROOTKIT_DIR/chklastlog -f ${WTMP} -l ${LASTLOG} then if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi fi } wted () { - if [ ! -x ./chkwtmp ]; then - echo "not tested: can't exec ./chkwtmp" + if [ ! -x $CHKROOTKIT_DIR/chkwtmp ]; then + echo "not tested: can't exec $CHKROOTKIT_DIR/chkwtmp" return ${NOT_TESTED} fi if [ "$SYSTEM" = "SunOS" ]; then - if [ ! -x ./check_wtmpx ]; then - echo "not tested: can't exec ./check_wtmpx" + if [ ! -x $CHKROOTKIT_DIR/check_wtmpx ]; then + echo "not tested: can't exec $CHKROOTKIT_DIR/check_wtmpx" else if [ "${EXPERT}" = "t" ]; then - expertmode_output "./check_wtmpx" + expertmode_output "$CHKROOTKIT_DIR/check_wtmpx" return 5 fi if [ -f ${ROOTDIR}var/adm/wtmp ]; then - if ./check_wtmpx + if $CHKROOTKIT_DIR/check_wtmpx then if [ "${QUIET}" != "t" ]; then \ echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi @@ -223,12 +224,12 @@ WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"` if [ "${EXPERT}" = "t" ]; then - expertmode_output "./chkwtmp -f ${WTMP}" + expertmode_output "$CHKROOTKIT_DIR/chkwtmp -f ${WTMP}" return 5 fi fi - if ./chkwtmp -f ${WTMP} + if $CHKROOTKIT_DIR/chkwtmp -f ${WTMP} then if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi fi 
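Review bot: `${WTMP}` and `${LASTLOG}` are expanded unquoted in `if $CHKROOTKIT_DIR/chklastlog -f ${WTMP} -l ${LASTLOG}` and are also pasted into the single string handed to `expertmode_output`. The same applies to `chkwtmp -f ${WTMP}` in the next hunk, where `WTMP` is visibly derived from `${ROOTDIR}`. A root directory containing whitespace or glob characters would be split into several arguments, and if `expertmode_output` re-parses its string (not visible here), shell metacharacters in the path would be interpreted. Assuming each variable holds exactly one path, the direct call can be written `if "$CHKROOTKIT_DIR/chklastlog" -f "${WTMP}" -l "${LASTLOG}"`. Both `z2` and `wted` extend beyond the hunk.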
@@ -267,8 +268,8 @@ prog="" if [ \( "${SYSTEM}" = "Linux" -o \( "${SYSTEM}" = "FreeBSD" -a \ `echo ${V} | ${awk} '{ if ($1 > 4.3) print 1; else print 0 }'` -eq 1 \) \) -a "${ROOTDIR}" = "/" ]; then - [ ! -x ./chkproc ] && prog="./chkproc" - [ ! -x ./chkdirs ] && prog="$prog ./chkdirs" + [ ! -x $CHKROOTKIT_DIR/chkproc ] && prog="$CHKROOTKIT_DIR/chkproc" + [ ! -x $CHKROOTKIT_DIR/chkdirs ] && prog="$prog $CHKROOTKIT_DIR/chkdirs" if [ "$prog" != "" ]; then # echo "not tested: can't exec $prog" return ${NOT_TESTED} @@ -280,7 +281,7 @@ PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |$awk -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 2; else print 1 }'` [ "$PV" = "" ] && PV=1 [ "${SYSTEM}" = "SunOS" ] && PV=0 - expertmode_output "./chkproc -v -v -p $PV" + expertmode_output "$CHKROOTKIT_DIR/chkproc -v -v -p $PV" return 5 fi @@ -306,7 +307,7 @@ if [ "${DEBUG}" = "t" ]; then ${echo} "*** PV=$PV ***" fi - if ./chkproc -p ${PV} + if $CHKROOTKIT_DIR/chkproc -p ${PV} then if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi else @@ -1582,18 +1583,18 @@ if [ "${SYSTEM}" = "Linux" ] then - if [ ! -x ./strings-static ]; then - printn "can't exec ./strings-static, " + if [ ! -x $CHKROOTKIT_DIR/strings-static ]; then + printn "can't exec $CHKROOTKIT_DIR/strings-static, " return ${NOT_TESTED} fi if [ "${EXPERT}" = "t" ]; then - expertmode_output "./strings-static -a ${CMD}" + expertmode_output "$CHKROOTKIT_DIR/strings-static -a ${CMD}" return 5 fi ### strings must be a statically linked binary. - if ./strings-static -a ${CMD} > /dev/null 2>&1 + if $CHKROOTKIT_DIR/strings-static -a ${CMD} > /dev/null 2>&1 then STATUS=${INFECTED} fi
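Review bot: When `chkproc` or `chkdirs` is not executable under `$CHKROOTKIT_DIR`, the function returns `${NOT_TESTED}` without naming the missing helper, because the diagnostic `# echo "not tested: can't exec $prog"` stays commented out. Now that the helpers live in an install directory rather than beside the script, a packaging error would skip this check silently, whereas the other checks in this patch print the path they could not execute. Re-enabling the line as `echo "not tested: can't exec $prog"` keeps that detection gap visible to whoever reads the report. The enclosing function begins and ends outside the hunk.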
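Review bot: `STATUS=${INFECTED}` is set purely on a zero exit status of `$CHKROOTKIT_DIR/strings-static -a ${CMD}` with all output sent to /dev/null, and the only comment says the binary must be static, not why success means infected. A comment above the `if` would help, along the lines of `# exit 0 means strings-static could read ${CMD}; a static binary is used so the result does not depend on the dynamic loader`, with the wording confirmed against how `CMD` is set, which is outside the hunk. The relocated helper also has to remain statically linked when it is packaged into `/usr/lib/chkrootkit`, since the `-x` test checks only the executable bit.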