--- ninja-0.1.3.orig/ninja.8
+++ ninja-0.1.3/ninja.8
@@ -23,7 +23,7 @@
 .SH CONFIGURATION
 Ninja requires a configuration file to run. For more information about the
 configuration, please refer to the "default.conf" file, located at
-"examples/config/" in the source tree.  There, all the available options
+"/usr/share/doc/ninja/examples/" in the source tree.  There, all the available options
 are explained in detail.
 
 .SH WHITELIST
@@ -37,7 +37,7 @@
 <executable>:<groups>:<users>
 .PP
 The second or third field can be left empty.  Please refer to the example
-whitlist located in "examples/whitelist/".
+whitlist located in "/usr/share/doc/ninja/examples/".
 
 Remember that it is a good idea to whitelist programs such as passwd(1) 
 and other regular setuid applications that users require access to.
--- ninja-0.1.3.orig/debian/init.d
+++ ninja-0.1.3/debian/init.d
@@ -0,0 +1,151 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          ninja
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: "privilege escalation detection system"
+# Description:       "starts ninja using start-stop-daemon"
+#                   
+### END INIT INFO
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="privilege escalation detection system"
+NAME=ninja
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="/etc/ninja/ninja.conf"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+	# Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+		|| return 1
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+		$DAEMON_ARGS \
+		|| return 2
+	# Add code here, if necessary, that waits for the process to be ready
+	# to handle requests from services started subsequently which depend
+	# on this one.  As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+	# Wait for children to finish too if this is a daemon that forks
+	# and if the daemon is only ever run from this initscript.
+	# If the above conditions are not satisfied then add some other code
+	# that waits for the process to drop all resources that could be
+	# needed by services started subsequently.  A last resort is to
+	# sleep for some time.
+	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+	[ "$?" = 2 ] && return 2
+	# Many daemons don't delete their pidfiles when they exit.
+	rm -f $PIDFILE
+	return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+	#
+	# If the daemon can reload its configuration without
+	# restarting (for example, when it is sent a SIGHUP),
+	# then implement that here.
+	#
+	start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+	return 0
+}
+
+case "$1" in
+  start)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+	do_start
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+	;;
+  stop)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+	do_stop
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+	;;
+  status)
+       status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+       ;;
+  #reload|force-reload)
+	#
+	# If do_reload() is not implemented then leave this commented out
+	# and leave 'force-reload' as an alias for 'restart'.
+	#
+	#log_daemon_msg "Reloading $DESC" "$NAME"
+	#do_reload
+	#log_end_msg $?
+	#;;
+  restart|force-reload)
+	#
+	# If the "reload" option is implemented then remove the
+	# 'force-reload' alias
+	#
+	log_daemon_msg "Restarting $DESC" "$NAME"
+	do_stop
+	case "$?" in
+	  0|1)
+		do_start
+		case "$?" in
+			0) log_end_msg 0 ;;
+			1) log_end_msg 1 ;; # Old process is still running
+			*) log_end_msg 1 ;; # Failed to start
+		esac
+		;;
+	  *)
+	  	# Failed to stop
+		log_end_msg 1
+		;;
+	esac
+	;;
+  *)
+	#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+	echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+	exit 3
+	;;
+esac
+
+:
--- ninja-0.1.3.orig/debian/control
+++ ninja-0.1.3/debian/control
@@ -0,0 +1,26 @@
+Source: ninja
+Section: admin
+Priority: optional
+Maintainer: William Vera <billy@billy.com.mx>
+Build-Depends: debhelper (>= 7), autotools-dev
+Standards-Version: 3.8.3
+Homepage: http://forkbomb.org/ninja
+
+Package: ninja
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, logrotate 
+Description: Privilege escalation detection system for GNU/Linux
+ Ninja is a privilege escalation detection and prevention
+ system for GNU/Linux hosts. While running, it will monitor
+ process activity on the local host, and keep track of all
+ processes running as root. If a process is spawned with
+ UID or GID zero (root), ninja will log necessary information  
+ about this process, and optionally kill the process
+ if it was spawned by an unauthorized user.
+ A "magic" group can be specified, allowing members of this
+ group to run any setuid/setgid root executable.
+ Individual executables can be whitelisted. Ninja uses a
+ fine grained whitelist that lets you whitelist executables
+ on a group and/or user basis. This can be used to allow
+ specific groups or individual users access to  setuid/setgid 
+ root programs, such as su(1) and passwd(1).
--- ninja-0.1.3.orig/debian/ninja.conf
+++ ninja-0.1.3/debian/ninja.conf
@@ -0,0 +1,142 @@
+# This sample ninja(8) configuration file shows and explains all the available
+# options, with all the values set to default.
+#
+# Use this file as a guide when creating your own configuration.
+# DO NOT USE THIS CONFIGURATION AS IT IS!
+#
+# Configuration syntax:
+#
+#   <option> = <value>
+#
+# Both option and value are one word each.  No strings, no whitespace, etc.
+# Boolean options (marked BOOL) takes the values "yes" or "true" and
+# "no" or "false".
+#
+# The assignment symbol ('=') is ignored by the parser and can be ommited.
+
+
+# Name: group
+# Type: INTEGER
+#
+#   Sets the GID (Group ID) of the group of users that are allowed to run
+#   any root setuid/setgid binary.  Users in this group does not need to be
+#   whitelisted. 
+group = 0
+
+
+# Name: daemon
+# Type: BOOL
+#
+#   If set to "yes", ninja will run in the background as a daemon.
+
+# Modified for debian package
+daemon = yes
+
+
+# Name: interval
+# Type: INTEGER
+#
+#   The process scanning interval, in seconds.  This is the amount of time
+#   ninja will sleep, before going through all the active processes on the
+#   system.  Lower intervals are safer, meaning that unauthorized processes
+#   will be detected faster.  Unless your system is very slow, you should set
+#   this to zero.
+interval = 1
+
+
+# Name: logfile
+# Type: STRING
+#
+#   Path to log file.  If specified, all messages are logged to this file.
+#   You really want to specify a log file if you are running ninja as a daemon.
+
+# Modified for debian package
+logfile = /var/log/ninja.log
+
+
+# Name: whitelist
+# Type: STRING
+#
+#   Path to the whitelist file.
+
+# Modified for debian package
+whitelist = /etc/ninja/whitelist
+
+
+# Name: external_command
+# Type: STRING
+#
+#   Path to the external command.  If you specify an external command, this
+#   command will be run every time an unauthorized process is detected.  This
+#   could be a script that alerts the admin of the system via e-mail,
+#   disables the login account of the offending user, among other things.
+#   The command will be run as <command> <user> where 'user' is the username
+#   of the offending user.
+
+# Modified for debian package
+#external_command = (null) 
+
+
+# Name: no_kill
+# Type: BOOL
+#
+#   If this option is enabled, unauthorized processes will not be killed when
+#   detected.  This can be very useful when testing the system, or when
+
+#   creating whitelists.
+# Modified for debian package
+no_kill = yes
+
+
+# Name: no_kill_ppid
+# Type: BOOL
+#
+#   Same as the "no_kill" option, except this one affects the ppid, parent of
+#   the unauthorized process.
+
+# Modified for debian package
+no_kill_ppid = yes
+
+
+# Name: ignore_root_procs
+# Type: BOOL
+#
+#   When this option is enabled, all processes spawned by root, meaning
+#   processes with a parent process owned by root, will be ignored.  This
+#   is generally a good idea, and will save us some cpu cycles.
+ignore_root_procs = yes
+
+
+# Name: log_whitelist
+# Type: BOOL
+#
+#   If enabled, ninja will log everytime it detects a whitelisted process
+#   running.  Both process name and the user running it will be logged.
+log_whitelist = no
+
+
+# Name: require_init_wlist
+# Type: BOOL
+#
+#   This option is very important for the security of your system.  When
+#   this option is set to "yes", all processes running as root, and
+#   controlled by init(1) will have to be whitelisted.  If this option is not
+#   enabled, attackers can circumvent ninja by forking a new process after
+#   gaining root, and create a new session (e.g using setsid()).  This will
+#   cause ninja to believe that root spawned this process, as init(1) will now
+#   be the parent, and init(1) is owned by root.  Therefore, to gain a higher
+#   level of security, you should enable this option, and explicitly whitelist
+#   every process that will run in its own session, meaning that it will be
+#   controlled by init(1).
+require_init_wlist = no
+
+
+# Name: proc_scan_offset
+# Type: INTEGER
+#
+#   This option specifies the offset of which pids to scan.  If set to 0, all
+#   processes on the system will be scanned.  This might not be necessary, as
+#   processes with a pid lower than 300 is generally kernel processes, and we
+#   really don't need to keep an eye on those.  So, if you want to save a few
+#   cpu cycles, set this to 300 or so.
+proc_scan_offset = 0
--- ninja-0.1.3.orig/debian/compat
+++ ninja-0.1.3/debian/compat
@@ -0,0 +1 @@
+5
--- ninja-0.1.3.orig/debian/logcheck.ignore.server
+++ ninja-0.1.3/debian/logcheck.ignore.server
@@ -0,0 +1,9 @@
+^\[\w{3} \w{3} [ :0-9]{16}\] ninja version [0-9.]+ initializing$
+^\[\w{3} \w{3} [ :0-9]{16}\] magic group: gid=0 \(root\)$
+^\[\w{3} \w{3} [ :0-9]{16}\] logfile: /var/log/ninja.log$
+^\[\w{3} \w{3} [ :0-9]{16}\] whitelist mapped in memory at 0x[0-9a-f]+$
+^\[\w{3} \w{3} [ :0-9]{16}\] entering daemon mode$
+^\[\w{3} \w{3} [ :0-9]{16}\] entering main loop$
+^\[\w{3} \w{3} [ :0-9]{16}\] generating initial pid array..$
+^\[\w{3} \w{3} [ :0-9]{16}\] now monitoring process activity$
+^\[\w{3} \w{3} [ :0-9]{16}\] ignored signal: (15|18)$
--- ninja-0.1.3.orig/debian/logrotate
+++ ninja-0.1.3/debian/logrotate
@@ -0,0 +1,9 @@
+/var/log/ninja.log {
+    rotate 12
+    weekly
+    compress
+    postrotate
+    /etc/init.d/ninja force-reload
+    endscript
+}
+
--- ninja-0.1.3.orig/debian/changelog
+++ ninja-0.1.3/debian/changelog
@@ -0,0 +1,69 @@
+ninja (0.1.3-2) unstable; urgency=low
+
+  * Fixed logrotate file typo. (Closes: #563328).
+  * Added a default logcheck ignore file. (Closes: #563329).
+  * Fixed incorrect init script dependencies. (Closes: #567443).
+  * Changed and fixed initscript. (Closes: #563989).
+  * Added a preinst script to create a logfile. (Closes: #568780).
+
+ -- William Vera <billy@billy.com.mx>  Sun, 10 Jan 2010 18:44:45 -0600
+
+ninja (0.1.3-1) unstable; urgency=low
+
+  * New upstream release.
+  * This version fix segfault on x86_64 platforms. (Closes: #559257).
+  * Updated copyright file to GPL-2.
+  * Added logrotate as depend at control file.
+  * Added dh_installlogrotate at rules file.
+  * Modified ninja.conf to use a logfile.
+  * Fixed initscript.
+
+ -- William Vera <billy@billy.com.mx>  Fri, 04 Dec 2009 17:17:18 -0600
+
+ninja (0.1.2-6) unstable; urgency=low
+
+  * Fixed initscript to capture the pid properly. (Closes: #559258). 
+  * Customized default whitelist for Debian. (Closes: #558997). 
+  * Changed the config file, automatics kills enabled. (Closes: #559259). 
+
+ -- William Vera <billy@billy.com.mx>  Thu, 03 Dec 2009 14:43:25 -0600
+
+ninja (0.1.2-5) unstable; urgency=low
+
+  * Changed ninja.conf to to prevent postinst fail (Closes: #555200). 
+
+ -- William Vera <billy@billy.com.mx>  Sun, 08 Nov 2009 18:16:14 -0600
+
+ninja (0.1.2-4) unstable; urgency=low
+
+  * Added a default config files at /etc/ninja. 
+  * Added a initscript (Closes: #550545).
+  * Updated Standards Version to 3.8.3. 
+  * Added ${misc:Depends} at debian/control. 
+  * Updated debhelper version at debian/control. 
+
+ -- William Vera <billy@billy.com.mx>  Sat, 31 Oct 2009 19:51:20 -0600
+
+ninja (0.1.2-3) unstable; urgency=low
+
+  * Fixed typo in package description: GNU\Linux (Closes: #515174). 
+  * Corrected the date of initial release in the copyright file. 
+  * Updated the compat version to 5. 
+  * Updated the Standards-Version to 3.8.1. 
+
+ -- William Vera <billy@billy.com.mx>  Fri, 08 May 2009 23:41:59 -0500
+
+ninja (0.1.2-2) unstable; urgency=low
+
+  * Updated standards version to 3.8.0.
+  * Updated Homepage in control file.
+  * Added watch file.
+
+ -- William Vera <billy@billy.com.mx>  Mon, 11 Aug 2008 01:13:48 -0500
+
+ninja (0.1.2-1) unstable; urgency=low
+
+  * Initial release (Closes: #325824)
+
+ -- William Vera <billy@billy.com.mx>  Wed, 04 Jul 2007 21:41:21 -0500
+
--- ninja-0.1.3.orig/debian/ninja.install
+++ ninja-0.1.3/debian/ninja.install
@@ -0,0 +1,3 @@
+ninja			usr/sbin
+debian/ninja.conf	etc/ninja/
+debian/whitelist	etc/ninja/
--- ninja-0.1.3.orig/debian/ninja.default
+++ ninja-0.1.3/debian/ninja.default
@@ -0,0 +1,11 @@
+# Defaults for ninja initscript
+# sourced by /etc/init.d/ninja
+# installed at /etc/default/ninja by the maintainer scripts
+
+#
+# This is a POSIX shell fragment
+#
+
+# Additional options that are passed to the Daemon.
+DAEMON_OPTS=/etc/ninja/ninja.conf
+START_DAEMON=YES
--- ninja-0.1.3.orig/debian/watch
+++ ninja-0.1.3/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://forkbomb.org/ninja/src/ninja-(.*)\.tar\.bz2
--- ninja-0.1.3.orig/debian/preinst
+++ ninja-0.1.3/debian/preinst
@@ -0,0 +1,36 @@
+#!/bin/sh
+# preinst script for ninja
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    install|upgrade)
+	touch /var/log/ninja.log
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- ninja-0.1.3.orig/debian/ninja.examples
+++ ninja-0.1.3/debian/ninja.examples
@@ -0,0 +1,2 @@
+examples/config/default.conf
+examples/whitelist/simple.wlist
--- ninja-0.1.3.orig/debian/ninja.dirs
+++ ninja-0.1.3/debian/ninja.dirs
@@ -0,0 +1,2 @@
+usr/sbin
+etc/ninja
--- ninja-0.1.3.orig/debian/rules
+++ ninja-0.1.3/debian/rules
@@ -0,0 +1,70 @@
+#!/usr/bin/make -f
+
+export DH_VERBOSE=1
+
+
+
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+	CFLAGS += -O0
+else
+	CFLAGS += -O2
+endif
+
+configure: configure-stamp
+configure-stamp:
+	dh_testdir
+
+	touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp 
+	dh_testdir
+
+	$(MAKE)
+
+	touch build-stamp
+
+clean:
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp configure-stamp
+
+	[ ! -f Makefile ] || $(MAKE) clean
+
+	dh_clean 
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k 
+	dh_installdirs
+	dh_installinit
+	dh_installlogrotate
+	dh_installlogcheck 
+
+binary-indep: build install
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs ChangeLog
+	dh_installdocs
+	dh_installexamples
+	dh_install
+	dh_installman
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+	dh_installdeb
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
--- ninja-0.1.3.orig/debian/whitelist
+++ ninja-0.1.3/debian/whitelist
@@ -0,0 +1,7 @@
+/bin/su:users:
+/usr/bin/sudo:users:
+/bin/fusermount:users:
+/usr/bin/passwd:users:
+/usr/bin/pulseaudio:users:
+/usr/sbin/hald:haldaemon:
+/usr/lib/hal/hald-runner:haldaemon:
--- ninja-0.1.3.orig/debian/copyright
+++ ninja-0.1.3/debian/copyright
@@ -0,0 +1,13 @@
+This package was debianized by William Vera <billy@billy.com.mx> on
+Wed, 04 Jul 2007 21:41:21 -0500.
+
+It was downloaded from: http://forkbomb.org/ninja/
+
+Copyright: (C) 2005 Tom Rune Flo <tom@x86.no>
+
+License:
+
+You are free to distribute this software under the terms of the GNU General Public License.
+On Debian systems, the complete text of the GNU General Public
+License can be found in /usr/share/common-licenses/GPL-2  file.
+
--- ninja-0.1.3.orig/debian/manpages
+++ ninja-0.1.3/debian/manpages
@@ -0,0 +1 @@
+ninja.8