On Tue, 26 Jan 2010 17:43:29 +0000, John Horne wrote about Re: [Rkhunter-users] Rkhunter tells me that /usr/bin/rkhunter file properties has changed:
>Okay, thanks for that. The actual wording comes from the magic file. It >is possible, but I cannot really see why, that Arch Linux have changed >the wording in the magic file for their distro. > >For the moment there is not much we can do about this. I have put a fix >into the CVS version of RKH based on what has already been seen, and I >may take a quick look at Arch to see what they have done. But it may >well be that we simply need to wait until other systems have upgraded >and see what happens (if anything). > > > > >John. > Mustard after the meal, but same here in Mandriva Linux Cooker: File is version 5.04 since 23.JAN.2010 and I saw the same error in rkh log. To ease checking (after verifying diff was okay with original tarball), I worked around it for the moment with this cron job which gets mailed 9 minutes after the rkh logs: #!/bin/bash # check integrity of rhunter executable despite rkh warning grep \/bin\/rkhu /var/lib/rkhunter/db/rkhunter.dat sha1sum /usr/local/bin/rkhunter Ciao, =Dick Gevers= ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
