Your message dated Sat, 14 Apr 2018 11:21:44 -0700 with message-id <[email protected]> and subject line Fixed has caused the Debian Bug report #816089, regarding rkhunter: "Found preloaded shared library" test not understanding comments to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 816089: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816089 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: rkhunter Version: 1.4.2-5 Severity: normal Dear Maintainer, A commented out entry in /etc/ld.so.preload is interpreted as a filename in rkhunter: pi> cat /etc/ld.so.preload #/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so This alerts: Warning: Found preloaded shared library: #/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so If I add this commented out entry to SHARED_LIB_WHITELIST to try to fool rkhunter, naturally it doesn't like that this doesn't look like an absolute filename: SHARED_LIB_WHITELIST="/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so #/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so" Invalid SHARED_LIB_WHITELIST configuration option: Relative pathname: #/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so It'd be better if rkhunter understood the comment meant the library wasn't loaded and hence could not possibly be a threat that had to be tested. -- System Information: Distributor ID: Raspbian Description: Raspbian GNU/Linux 8.0 (jessie) Release: 8.0 Codename: jessie Architecture: armv6l Kernel: Linux 3.18.7+ (PREEMPT) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages rkhunter depends on: ii binutils 2.25-5 ii debconf [debconf-2.0] 1.5.56 ii file 1:5.22+15-2+deb8u1 ii lsof 4.86+dfsg-1 ii net-tools 1.60-26 ii perl 5.20.2-3+deb8u3 ii ucf 3.0030 Versions of packages rkhunter recommends: ii bsd-mailx [mailx] 8.1.2-0.20141216cvs-2 ii curl 7.38.0-4+deb8u3 ii iproute2 4.3.0-1 ii sendmail-bin [mail-transport-agent] 8.14.4-8 ii unhide 20130526-1 ii unhide.rb 22-2 ii wget 1.16-1 Versions of packages rkhunter suggests: ii liburi-perl 1.64-1 ii libwww-perl 6.08-1 ii powermgmt-base 1.31+nmu1 -- Configuration Files: /etc/rkhunter.conf changed: ROTATE_MIRRORS=1 UPDATE_MIRRORS=1 MIRRORS_MODE=0 MAIL-ON-WARNING="tconnors" MAIL_CMD=mail -s "[rkhunter] Warnings found for ${HOST_NAME}" TMPDIR=/var/lib/rkhunter/tmp DBDIR=/var/lib/rkhunter/db SCRIPTDIR=/usr/share/rkhunter/scripts BINDIR="/bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec" UPDATE_LANG="" LOGFILE=/var/log/rkhunter.log APPEND_LOG=0 COPY_LOG_ON_ERROR=0 COLOR_SET2=0 AUTO_X_DETECT=1 WHITELISTED_IS_WHITE=0 ALLOW_SSH_ROOT_USER=yes ALLOW_SSH_PROT_V1=0 ENABLE_TESTS="all" DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps immutable" USER_FILEPROP_FILES_DIRS="/etc/rkhunter.conf" USER_FILEPROP_FILES_DIRS="/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so" USER_FILEPROP_FILES_DIRS="/usr/sbin/ifstatus" SCRIPTWHITELIST=/bin/egrep SCRIPTWHITELIST=/bin/fgrep SCRIPTWHITELIST=/bin/which SCRIPTWHITELIST=/usr/bin/groups SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/sbin/adduser SCRIPTWHITELIST=/usr/sbin/unhide.rb SCRIPTWHITELIST=/usr/sbin/ifstatus ALLOWHIDDENDIR=/dev/.mdadm ALLOWHIDDENDIR=/dev/.udev ALLOWHIDDENDIR=/dev/.static ALLOWHIDDENDIR=/dev/.initramfs ALLOWHIDDENDIR=/etc/.java ALLOWHIDDENFILE=/etc/.serial.conf.old ALLOWHIDDENFILE=/dev/.mdadm.map ALLOWHIDDENFILE=/dev/.tmp-block-*:* ALLOWPROCLISTEN=/sbin/dhclient3 ALLOWDEVFILE=/dev/shm/pulse-shm-* ALLOWDEVFILE=/dev/shm/network/ifstate ALLOWDEVFILE=/dev/shm/resolvconf/resolv.conf ALLOWDEVFILE=/dev/shm/resolvconf/interface/eth0 ALLOWDEVFILE=/dev/shm/resolvconf/interface/wlan0 ALLOWDEVFILE=/dev/shm/resolvconf/interface/lo.pdnsd INETD_ALLOWED_SVC=nntp UID0_ACCOUNTS="sashroot" ALLOW_SYSLOG_REMOTE_LOGGING=0 APP_WHITELIST="0.9.8o gpg:1.4.10 sshd:5.5p1 exim:4.71" SUSPSCAN_DIRS="/tmp /var/tmp" SUSPSCAN_TEMP=/dev/shm SUSPSCAN_MAXSIZE=10240000 SUSPSCAN_THRESH=200 RTKT_FILE_WHITELIST="/etc/init.d/hdparm:hdparm" RTKT_FILE_WHITELIST="/etc/init.d/.depend.boot:hdparm" SHARED_LIB_WHITELIST="/usr/lib/arm-linux-gnueabihf/libcofi_rpi.so" USE_LOCKING=0 LOCK_TIMEOUT=300 SHOW_LOCK_MSGS=1 DISABLE_UNHIDE=1 INSTALLDIR="/usr" -- debconf information: rkhunter/cron_daily_run: true rkhunter/apt_autogen: true rkhunter/cron_db_update: true
--- End Message ---
--- Begin Message ---Version: 1.4.4-1 According to the upstream developers, this bug should be fixed. If that's not the case, please reopen. Francois -- https://fmarier.org/
--- End Message ---

