[Rkhunter-users] False positive - "Required commands check failed"

Wed, 17 Sep 2014 16:09:06 -0700 

I'm running rkhunter 1.4.2 on a 64bit Gentoo linux installation.

On every run, I am getting a summary like the one below:

############################################
        System checks summary
        =====================

        File properties checks...
            Required commands check failed
            Files checked: 155
            Suspect files: 0

        Rootkit checks...
            Rootkits checked : 377
            Possible rootkits: 0

        Applications checks...
            Applications checked: 6
            Suspect applications: 0

        The system checks took: 1 minute and 37 seconds

        All results have been written to the log file: 
/var/log/rkhunter.log

        One or more warnings have been found while checking the 
system.
        Please check the log file (/var/log/rkhunter.log)


Searching the log file for warnings only finds 2 instances, one referring to 
the subject line of the email allert, and the other to the output of the lsattr 
command, which does not return data as I am using reiserfs rather than 
ext2/3/4 for my filesystems.

############################################
        $ egrep -C 1 -i warn /var/log/rkhunter.log
        [17:12:33] Info: Using '/var/lib/rkhunter/tmp' as the temporary 
directory
        [17:12:33] Info: Emailing warnings to 'root' using command 
'/usr/bin/mail
                -s "[rkhunter] Warnings found for 
${HOST_NAME}"'
        [17:12:33] Info: X will be automatically detected
        --
        [17:12:37] Performing file properties checks
        [17:12:37] Warning: Checking for prerequisites               [ 
Warning ]
        [17:12:37]          No output from the 'lsattr' command - all file
                immutable-bit checks will be skipped.
############################################

I can't find any references to the "required command check" failing in the 
log file, except for the summary at the end.

Is there really something weird on my system, and if not, can I stop these 
warnings from happening so that any real warnings will stand out.

Thanks.


-- 
Reverend Paul Colquhoun, ULC.     http://andor.dropbear.id.au/
  Asking for technical help in newsgroups?  Read this first:
     http://catb.org/~esr/faqs/smart-questions.html#intro


------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

Reply via email to