On Thu, 2011-09-29 at 09:56 +0200, Simon Loewenthal wrote: > Good morning all, > > I am trying to stop these errors from rkhunter by updating the database > (presumably?), but the last time I did this, I had messed it up and had > to reinstall rkhunter and start afresh! > > Is there a programme I can run just to add the checksums of these files > into the rkhunter dB? > > (Note that I think I used --hash SHA512, but I cannot remember...) > Hi,
You might be better off using the HASH_FUNC option in your rkhunter.conf file than trying to remember what checksum was used :-) > Example messages I get: > > Warning: The file '/usr/bin/locate' exists on the system, but it is not > present in the rkhunter.dat file. > Warning: The file '/usr/bin/mlocate' exists on the system, but it is not > present in the rkhunter.dat file. > This seems a bit odd. Usually I have found these types of warning get thrown up because the PATH used to create the rkhunter database, and that used by the process running rkhunter are different. Hence files are either suddenly present or missing from the system. If so, then you need to try and ensure that the PATH used at both times is the same. You cannot 'add' new entries. The entries that are added when 'rkhunter --propupd' is run are determined by the PATH of the process (usually root) running the program and a bultin list of directories (if they exist). However, the default directory list includes /usr/bin. As such the files should always be seen, unless you have modified BINDIR in the config file, or used the '--bindir' option on the command line. > Warning: The kernel modules directory '/lib/modules' is missing or empty. > You can avoid this warning be disabling the 'avail_modules' test. John. -- John Horne, Plymouth University, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
