On Tue, 2010-05-25 at 09:34 -0700, Duane Loftus wrote:
> OK, time for dumb questions.
>
> 1. John Horne says: It hasn't installed properly, try re-installing.
> The INSTALLDIR option must exist for RKH to run.
>
> Is there any guidance on re-installing?
>
Yes, look in the README file that came with the rkhunter tarball (it
says how to install it, and later on there is a section on removing it.)
> Obviously, whatever I did to initally "install" wasn't very successful.
>
> - do I need to uninstall first? If so how.
>
I would suggest unpacking the tarball, probably in somewhere like /tmp.
Then within the rkhunter directory (probably '/tmp/rkhunter-1.3.6') run
the installer (as root) with the --remove option:
./installer.sh --remove
However, whether this works or not depends on how you installed
rkhunter. If you let it default the installation directories, then the
above will work.
> - is there a decent guide to installing (given the file structure of
> Red Hat Fedora Core 6).
>
No need. Rkhunter (RKH) tries to be LSB compliant. As such it will
install things into suitable directories. For Fedora let the installer
default where things are installed.
So, to install just use:
./installer.sh --install
Once installed you can remove the /tmp/rkhunter-1.3.6 directory. I would
then suggest running:
rkhunter --update --propupd
This will update your data files - not sure if there are any updates
though - and the '--propupd' option will populate the file of file
properties used by RKH.
As has been mentioned you may get warnings when running RKH that some
applications are too old, and possibly a security risk. Since you are
running FC6, you may want to do the following as well to disable the
'apps' test completely:
echo "suspscan hidden_procs deleted_files packet_cap_apps apps"
>/etc/rkhunter.conf.local
(That should all be on one line.)
>
> 2. Have I been successful in eliminating HTML from this email?
>
Yes.
> 3. How do I reply and keep this in the thread. Helmut Hullen points
> out that I was not, "Please keep the traffic in the mailing list - thank
> you."
>
This is one of those problems that crops up on mailing lists every so
often. It sometimes causes arguments :-( This mailing list does not
include a 'Reply-To:' header. As such if you just hit 'reply' with your
mail client, you will reply to the original sender of the message, not
to the mailing list. Some mailing lists include the reply-to header,
others do not. As has already been mentioned, some mail clients include
a 'reply to list' option, so you could use that if available. For me, I
hit 'reply to all', remove the original senders address, and cut/paste
the mailing list address in.
John.
--
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001
------------------------------------------------------------------------------
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
