I found one more issue if you wouldn't mind advising on.
'SUSPSCAN_DIRS=`get_option space-list SUSPSCAN_DIRS` || exit 1' wasn't
working so I changed it to 'SUSPSCAN_DIRS=`get_option newline-list
SUSPSCAN_DIRS` || exit 1' and now its recognizing the options and not
falling back to defaults.
Yeah wc in AIX does exactly what you are saying. I do a lot of scripting
in AIX and I always have to add "| awk '{print $1}'" to the end of my wc
lines or run the risk of issues. I have researched it many times, but
there are no arguments that stop this behavior. If you have a better idea
then piping to awk that would be great.
It was really the update phase when it creates rkhunter.dat that was
breaking things. Function rkh_dat_set_file_properties and specifically the
way COLON_COUNT and SYSLNK_CC were being set.
joshpe@jwp-linux ~ $ echo test | wc -c
5
jpeacock@jwp-aix: /etc >echo test | wc -c
5
I went through and updated all the lines with wc in them and it seems to be
working. Below are the lines I updated
LINE1_NUM=`echo "${LINE1}" | wc -c | tr -d '
' | awk '{print $1}'`
LOGLINE1_NUM=`echo "${LOGLINE1}" | wc -c | tr -d '
' | awk '{print $1}'`
COLON_COUNT=`echo "${FNAME}" | tr -c -d ':' | wc -c | awk
'{print $1}'`
SYSLNK_CC=`echo "${SYSLNK}" | tr -c -d ':' | wc -c | awk
'{print $1}'`
MIRROR_COUNT=`egrep -i '^(local|remote|mirror)='
"${DB_PATH}/mirrors.dat" | wc -l | tr -d ' ' | awk '{print $1}'`
MIRROR_COUNT=`grep -i '^local='
"${DB_PATH}/mirrors.dat" | wc -l | tr -d ' ' | awk '{print $1}'`
MIRROR_COUNT=`grep -i '^remote='
"${DB_PATH}/mirrors.dat" | wc -l | tr -d ' ' | awk '{print $1}'`
COLON_COUNT=`echo "${FNAME}" | tr -c -d ':'
| wc -c | awk '{print $1}'`
SYSLNK_CC=`echo "${SYSLNK}"
| tr -c -d ':' | wc -c | awk '{print $1}'`
RKH_CC=`echo "${FNAME}" | tr -c -d
':' | wc -c | awk '{print $1}'`
SYSLNK_CC=`echo "${SYSLNK}" | tr -c
-d ':' | wc -c | awk '{print $1}'`
APPS_TOTAL_COUNT=`echo "${APP_NAMES}" | wc -l | tr -d ' ' | awk
'{print $1}'`
PROP_FILE_LIST_TOTAL=`echo "${PROP_FILE_LIST}" | wc -l | tr -d ' '
| awk '{print $1}'`
LEN=`echo "${STR}" | cut -d: -f1 | wc -c | tr -d ' ' | awk
'{print $1}'`
LEN=`echo "${GROUP_NAME}" | wc -c | tr -d ' ' | awk '{print
$1}'`
MODLEN=`echo "${MODNAME}" | wc -c | tr -d ' ' | awk '{print
$1}'`
COLON_COUNT=`echo "${FNAME}" | tr
-c -d ':' | wc -c | awk '{print $1}'`
Let me know what you think. I can test a newer version out if you are ok
with updating it.
Thanks for the help.
On Thu, Dec 19, 2013 at 4:20 AM, John Horne <john.ho...@plymouth.ac.uk>wrote:
> On Thu, 2013-12-19 at 10:08 +0000, John Horne wrote:
> > On Wed, 2013-12-18 at 22:12 -0600, Josh Peacock wrote:
> >
> >
> > > Changed to this and its working.
> >
> > > RKH_CC=`echo "${RKHTMPVAR}" | cut -d: -f2 | awk '{print $1}'`
> >
> > > It is actually line 11486 that is creating the issue. AIX expr
> > > doesn't like the padded spaces before the number in field 2 of
> > > ${RKHTMPVAR}.
> > >
> > Spaces? There should be no spaces, it is a digit-only (or null) field.
> >
> Ah, just thought. Does AIX 'wc' command output the result as a
> space-padded number? Some thing like 'wc -l /etc/passwd' should give
> just a number (no leading spaces).
>
>
>
> John.
>
> --
> ----------------------------------------------------
> John Horne Tel: +44 (0)1752 587287
> Plymouth University, UK Fax: +44 (0)1752 587001
>
>
>
> ------------------------------------------------------------------------------
> Rapidly troubleshoot problems before they affect your business. Most IT
> organizations don't have a clear picture of how application performance
> affects their revenue. With AppDynamics, you get 100% visibility into your
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics
> Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> _______________________________________________
> Rkhunter-users mailing list
> Rkhunter-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rkhunter-users
>
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
