Hi,

Rado Rovny <r...@rovny.net> wrote:

> The problem seems to be in do_app_checks() function and configured
> applications in APP_NAMES variable
> 
>         APP_NAMES="exim:Exim MTA
>                    gpg:GnuPG
>                    httpd:Apache
>                    named:Bind DNS
>                    openssl:OpenSSL
>                    php:PHP
>                    procmail:Procmail MTA
>                    proftpd:ProFTPd
>                    sshd:OpenSSH"
> 
> 
> Unfortunately, Apache2 process name is apache2 and not httpd, so this
> check will not succeed.
> I have the same problem on same OS.

Hm ok.
I tried to add the check for apache2. But didn't succeed.

So I created a symlink /usr/sbin/httpd which points to /usr/sbin/apache2.
-> ln -s /usr/sbin/apache2 /usr/sbin/httpd

Now rkhunter finds httpd which is apache2.
[15:44:03]   Checking version of Apache                      [ Warning ]
[15:44:03] Warning: Application 'httpd', version '2.2.9', is out of date,
and possibly a security risk.

After adding it to the whitelist with:
APP_WHITELIST="openssl:0.9.8g gpg:1.4.9 php:5.2.6 sshd:5.1p1 httpd:2.2.9" 
The message is gone.

[15:47:17]   Checking version of Apache                      [ OK ]
[15:47:17] Info: Found application 'httpd' version '2.2.9': this version
is whitelisted.


But could somebody tell me how wise this is?

The symbolic link has the following privileges.
server:~# ls -lach /usr/sbin/httpd
lrwxrwxrwx 1 root root 7 2010-01-31 15:36 /usr/sbin/httpd -> apache2

Thanks,
Christian
-- 
For private mail please use my GPG-Key.
ID: 0xB7849C76

_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
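
The permissions question raised in the message above, as an added example that is not part of the original message or of rkhunter: on Linux a symlink's own mode always shows as lrwxrwxrwx and is not used for access checks, so this script audits the link's owner plus the owner and mode of the link's directory, the resolved target and the target's directory. The function name `audit_link`, its optional expected-uid argument, and the reliance on GNU `readlink -f` and `stat -c` are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message or from rkhunter).
# Assumes GNU coreutils: readlink -f and stat -c. audit_link is a hypothetical name.

# audit_link LINK [EXPECTED_UID]
# Exit status: 0 = nothing found, 1 = at least one finding, 2 = LINK is not a symlink.
audit_link() (
    link=$1
    want_uid=${2:-0}            # root unless the caller says otherwise
    findings=0

    [ -L "$link" ] || { echo "not a symlink: $link"; exit 2; }
    target=$(readlink -f -- "$link") || target=
    if [ -z "$target" ] || [ ! -e "$target" ]; then
        echo "dangling link: $link"; exit 1
    fi

    # The link itself: only its owner matters, its mode bits are not used.
    link_uid=$(stat -c '%u' -- "$link")
    if [ "$link_uid" != "$want_uid" ]; then
        echo "owner uid $link_uid (expected $want_uid): $link"; findings=1
    fi

    # Whoever can write to these can swap the link or the binary behind it.
    linkdir=$(readlink -f -- "$(dirname -- "$link")")
    for p in "$linkdir" "$target" "$(dirname -- "$target")"; do
        set -- $(stat -c '%u %a' -- "$p")
        uid=$1 mode=$2
        if [ "$uid" != "$want_uid" ]; then
            echo "owner uid $uid (expected $want_uid): $p"; findings=1
        fi
        # 022 = group-write or other-write bit set in the octal mode.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "group/world-writable (mode $mode): $p"; findings=1
        fi
    done
    exit "$findings"
)

# Run as: sh audit_link.sh /usr/sbin/httpd
if [ "$#" -gt 0 ]; then audit_link "$@"; fi
```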
