First, thanks to all of you! Apart from this issue, may you please make a system check after having used hashupdate.sh? In my case, although all the hashes are good, rkhunter only reports errors!
Le lundi 13 novembre 2006 à 01:12 -0800, Matt Taggart a écrit : > Jurij Smakov writes... > > > Also, Matt Taggart, who brought this bug to my attention, mentioned > > that it should be run on an etch system, but in your email you talk > > about unstable, so I'm confused. > > I'm let Julien confirm what he wants, but I suspect the answer will be > "both". > If you look at os.dat and read the rkhunter script you can see how it > differentiates between distros and releases. But right now > /etc/debian_version > is 4.0 in both etch and unstable, so it has no way to differentiate. Probably > what needs to happen to allow differentiation is we need base-files to freeze > and fork and the unstable version to switch back to "testing/unstable". I > don't know when this will happen, but probably pretty soon. To be fully honest, this question is still open and we have to discuss of it with Micah. Currently, no hash checks are made (no default hashes are provided, and the check falls back to 'known bad' instead of 'known good' - I wasn't aware of this behaviour before looking deeper in the cause of this bug). I think you are right, we could wait until base-files is frozen and only propose the hashes to upstream at that moment. But what with security updates? The same work will have to be done, without any guarantee that this can be done quickly on our side, nor that upstream can update the database in a short time (provided the user chose to activate rkhunter weekly cron job). This will surely mislead people for a few days/weeks. In my opinion, the best way would be to add Debian Etch support to os.dat only, so as to avoid the "unknown OS" warning, and provide some documentation to the end-user so that he can easily uses the hash check in Debian. I would appreciate your comments on this as I have been trying to find quite unrealistic solutions for a few days... new minds will surely help me. Cheers, Julien
