On Mon, Jan 26, 2015 at 6:21 PM, Tanstaafl <tansta...@libertytrek.org> wrote:
> Hello all, > > Been on rkhunter 1.4.2 for a while, no changes made to its config file, > been running nightly for years without these warnings... > > I recently did some Gentoo updates after almost 2 months of no updates > (was out of town), and now, even after running --propupd, I continue to > get these warnings: > > > # grep Warning /var/log/rkhunter.log > > [03:10:32] Info: Emailing warnings to 'root' using command '/bin/mail > -s "[rkhunter] Warnings found for ${HOST_NAME}"' > > [03:10:45] /bin/egrep [ Warning ] > > [03:10:45] Warning: The command '/bin/egrep' has been replaced by a > script: /bin/egrep: POSIX shell script, ASCII text executable > > [03:10:45] /bin/fgrep [ Warning ] > > [03:10:45] Warning: The command '/bin/fgrep' has been replaced by a > script: /bin/fgrep: POSIX shell script, ASCII text executable > > Anyone know if this is due to something changing in Gentoo? > > As stated in the previous response to your original thread, /bin/[ef]grep come with the grep package: file `equery -q f grep|grep /bin/` /bin/egrep: POSIX shell script, ASCII text executable /bin/fgrep: POSIX shell script, ASCII text executable /bin/grep: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.16, stripped The shell scripts in question call the grep binary with the flags shown below: grep exec /bin/[ef]grep /bin/egrep:exec $grep -E "$@" /bin/fgrep:exec $grep -F "$@"