On Fri, 9 Sep 2022 07:24:34 -0500 "Marc F. Clemente" <m...@mclemente.net> wrote: > I upgraded grep from version 3.7-1 to 3.8-1. Something in the readme > says that "Upstream has made egrep and fgrep obsolecent." > > Now chkrootkit spews a bunch of relatively harmless warnings: > > egrep: warning: egrep is obsolescent; using grep -E
There is discussion of the egrep messages at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019335 and it looks like a new grep will be uploaded next week that will stop these messages appearing, so these will go away. You can also use the various mechanisms to filter the output to remove the messages. (See README.Debian and the various links therein) In the longer term chkrootkit should probably be patched to replace calls to egrep with 'grep -E' - however, this is slightly more involved than you might guess given the calls to egrep are indirect (using $egrep variable, which is itself set from TROJAN variable - there may be some other issues with how this is done); and ideally $egrep would continue to honour the '-p' setting after any change. (Also chkrootkit is considering egrep as potentially a binary that should be scanned for issues - if TROJAN is changed then there also needs to be a change to ensure the chk_egrep test is still attempted. But it also looks a little strange that chk_grep is looking for a different thing to chk_egrep. suggest they should be combined)
