On Wed, 2012-11-28 at 20:44 +0000, Stewart, Larry C Sr CTR DISA JITC (US) wrote: > I have several Solaris 10 servers that I can't run rkhunter on despite > the fact that I am logged in as root or have su'd to root from my > account. The OS is Solaris 10 8/11 on an x86 platform. I have hardened > the system using US DoD guidelines. I have one system that I can run > it on that has not received the same level of attention. In order for > me to find and change the setting that will allow me to run rkhunter I > was hoping you could explain what rkhunter is doing to determine that > the user is root. Thanks in advance for any assistance you can > provide. > Hello,
By default it uses the 'id' command (wherever that is in your PATH), but for Solaris it will use '/usr/xpg4/bin/id' if it is executable. It then runs 'id -u' to get the userid and compares that to '0' or 'root'. If neither is true, then the program stops saying that you must be root to run RKH. John. -- John Horne, Plymouth University, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ Keep yourself connected to Go Parallel: INSIGHTS What's next for parallel hardware, programming and related areas? Interviews and blogs by thought leaders keep you ahead of the curve. http://goparallel.sourceforge.net _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
