Greetings. With Fedora 17, Fedora is moving many top level dirs to their /usr equivalent. This causes a rkhunter false positive. On a 32bit install, /lib becomes a link to /usr/lib. There's a number of packages that put files in /usr/lib/java, but due to the symlink, rkhunter sees this as /lib/java/ which is a signature from some rootkit. ;(
It would be nice if it could see if /lib is a link and bypass this test? Or if there was a way to whitelist this in config (currently there isn't). Thoughts? kevin
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
