Package: chkrootkit
Version: 0.45-1
Severity: normal
Tags: patch, upstream
Followup-For: Bug #297680
Hello,
Running chkrootkit on my main computer always output a lot of lines
concerning the fact that it can't read ~user/XXX ( where XXX is a
directory with 600 permission mode ). I have a NFS mounted home dir.
I have set the option "-n" when calling chkrootkit.
I think this bug could be solved using the provided patch. This patch
correct :
- when scanning home dir for .*history, use "findargs",
- findargs "prune" NFS mounted directory.
Thank you for your work
Kind regard
Sylvain Le Gall
--- /usr/sbin/chkrootkit.orig 2005-05-29 17:07:26.000000000 +0200
+++ /usr/sbin/chkrootkit 2005-05-29 18:55:43.000000000 +0200
@@ -1048,10 +1048,10 @@
printn "Searching for anomalies in shell history files... "; fi
files=""
if [ ! -z "${SHELL}" -a ! -z "${HOME}" ]; then
- files=`${find} ${ROOTDIR}${HOME} -name '.*history' -size 0`
+ files=`${find} ${ROOTDIR}${HOME} ${findargs} -name '.*history' -size 0`
[ ! -z "${files}" ] && \
echo "Warning: \`${files}' file size is zero"
- files=`${find} ${ROOTDIR}${HOME} -name '.*history' \( -links 2 -o -type
l \)`
+ files=`${find} ${ROOTDIR}${HOME} ${findargs} -name '.*history' \( -links
2 -o -type l \)`
[ ! -z "${files}" ] && \
echo "Warning: \`${files}' is linked to another file"
fi
@@ -1133,10 +1133,10 @@
findargs=""
if find /etc -maxdepth 0 >/dev/null 2>&1; then
find /etc ! -fstype nfs -maxdepth 0 >/dev/null 2>&1 && \
- findargs="! -fstype nfs "
+ findargs="! ( -fstype nfs -prune )"
elif find /etc -prune > /dev/null 2>&1; then
find /etc ! -fstype nfs -prune > /dev/null 2>&1 && \
- findargs="! -fstype nfs "
+ findargs="! ( -fstype nfs -prune )"
fi
}
