On 12/16/2008 02:02:16 PM, John Horne wrote:
> On Tue, 2008-12-16 at 13:51 -0800, Geoffrey Leach wrote:
> > On 12/13/2008 04:00:46 PM, John Horne wrote:
> > > On Sun, 2008-12-14 at 10:30 +1100, Michael Mansour wrote:
> > >
> > > > > "Original Poster" here. The problem results from --cronjob
> not
>
> > > > > asserting --nocolors, as is advertised by the man page, and
> as
>
> > > > > happened in the F9 version. What then happened is that
> /bin/mail
> > > saw
> > > > > some non- 7bin-ASCII characters and encoded the mail as
> Base64.
> > > The
> > > > > email reader then reported the content as something else
> > > altogether.
> > > > > Phew!
> > > > >
> > > > > Thanks to all who chimed in.
> > > >
> > > > So that means the error is with rkhunter?
> > > >
> > > No.
> > >
> > > > I raised this with bugzilla:
> > > >
> > > > https://bugzilla.redhat.com/show_bug.cgi?id=475916
> > > >
> > > > My explanation there was to get the package maintainer to fix
> it
> in
> > > epel,
> > > > should this stand or be fixed in rkhunter?
> > > >
> > > It's a bug with the Fedora package. Rkhunter does provide a cron
> > > script
> > > when the rpm is built, but the Fedora package overwrites this (or
> > > does
> > > something to it). The bugzilla report should stand.
> > >
> > FWIW, according to the man page, --cronjob implies --nocolors, and
> > that appears not to be the case in the F10 version. That's the
> problem
> > I had. OTOH, --update does not, and the man page recommends that --
> > nocolors be used, and the cron script did not do that.
> >
> > My conclusion is that there's a bug in rkhunter and in the cron
> script.
> >
> I disagree.
>
> To test, comment out the call to RKH with the '--update' option in
> your
> cronjob and see if you still get output with the colour character
> sequences. (As far as I remember the cronjob should then just call
> RKH
> with the --cronjob option and perhaps some others.)
Hmmmmm .... let me give this one more try. Keeping in mind that the
cron script is not part of the RKH release.
Update:
/bin/nice -n 10 $RKHUNTER --update 2>&1 >> $TMPFILE1
--nocolors is absent, so I would expect colors in the output, and when
its directed to /bin/mail Base64 encoding will result. The fact that
colors are produced is documented in the man page, so the absence of --
nocolors is an error in the script.
Normal (follows update):
RKHUNTER_FLAGS="--cronjob --report-warnings-only"
/bin/nice -n 10 $RKHUNTER $RKHUNTER_FLAGS 2>&1 >> $TMPFILE1
The man page says that --cronjob implies --nocolors (unless I misread),
but colors are produced, mail gets encoded as Base64, and my original
problem.
------------------------------------------------------------------------------
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you. Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
