Your message dated Sat, 31 Oct 2009 15:32:18 +0100
with message-id <[email protected]>
and subject line Closing this bug
has caused the Debian Bug report #448597,
regarding rkhunter: fails to retrieve hashes on systems with prelink and little
disk space
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
448597: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448597
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: rkhunter
Version: 1.3.0-2
Severity: normal
Hi,
When running rkhunter on a system with prelink, the hash checks can fall
foul of prelink's checks for sufficient diskspace. I'm not sure whether
this should be considered a bug in rkhunter or in prelink...
Anyway, the symptoms are that rkhunter takes ages to run, and fails to
find any hashes for the binaries it's interested in. The reason is that
the prelink wrapper script (which is specific to Debian) checks the free
disk space and requests user confirmation if less than 50000 KB is
available; the user confirmation has a 20s timeout, so rkhunter sits
around waiting for prelink for 20s every time it's invoked when disk
space is insufficient.
50000 KB might seem negligible by today's standards, but I use separate
/, /usr etc. on all my systems and one of them recently dipped below
50000 KB on /. I haven't checked whether prelink really needs all that
space to prelink binaries in / in this situation; I'll give it a shot
later today.
Here's an extract from rkhunter.log illustrating the problem:
[11:04:24] Warning: No hash value found for file '/usr/bin/lastlog'
[11:04:44] Hash command output: Partition /dev/md/0 (/) has only 49890
KB free.::!! WARNING !!:It's recommended to have at least 50000 KB of disk
space.:Prelink would _really_ damage the ELF files on those
partitions.::Aborting prelink.
[11:05:04] Warning: No hash value found for file '/usr/bin/ldd'
[11:05:24] Hash command output: Partition /dev/md/0 (/) has only 49890
KB free.::!! WARNING !!:It's recommended to have at least 50000 KB of disk
space.:Prelink would _really_ damage the ELF files on those
partitions.::Aborting prelink.
Obviously rkhunter can't do much about this particular failure mode in
prelink (other than perhaps calling prelink.bin directly if the disk
space issue is irrelevant for verifications), but it would be nice if it
didn't attempt to run prelink however many times after the first
failure.
Regards,
Stephen
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable'), (200, 'unstable'), (1,
'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages rkhunter depends on:
ii debconf [debconf-2.0] 1.5.14 Debian configuration management sy
ii exim4 4.67-8 meta-package to ease Exim MTA (v4)
ii exim4-daemon-heavy [mail-tran 4.67-8 Exim MTA (v4) daemon with extended
ii file 4.21-3 Determines file type using "magic"
ii net-tools 1.60-17 The NET-3 networking toolkit
ii perl 5.8.8-11.1 Larry Wall's Practical Extraction
Versions of packages rkhunter recommends:
ii binutils 2.18-1 The GNU assembler, linker and bina
ii curl 7.17.0-1 Get a file from an HTTP, HTTPS or
ii iproute 20070313-1 Professional tools to control the
ii libmd5-perl 2.03-1 backwards-compatible wrapper for D
ii lynx 2.8.6-2 Text-mode WWW Browser
ii wget 1.10.2-3 retrieves files from the web
-- debconf information:
* rkhunter/apt_autogen: true
* rkhunter/cron_daily_run: true
* rkhunter/cron_db_update: true
--- End Message ---
--- Begin Message ---
#449383 has been fixed in prelink 0.0.20090925-1
I hence close this bug
Cheers,
Julien
--- End Message ---
