On Mon, Jan 26, 2015 at 8:17 AM, Tanstaafl <tansta...@libertytrek.org> wrote:
> Hello,
>
> Been on rkhunter 1.4.2 for a while, no changes made to its config file,
> runs nightly without any warnings...
>
> I recently did some Gentoo updates after almost 2 months of no updates
> (was out of town), and now, even after running --propupd, I continut to
> get these warnings:
>
>> # grep Warning /var/log/rkhunter.log
>> [03:10:32] Info: Emailing warnings to 'root' using command '/bin/mail -s
>> "[rkhunter] Warnings found for ${HOST_NAME}"'
>> [03:10:45] /bin/egrep [ Warning ]
>> [03:10:45] Warning: The command '/bin/egrep' has been replaced by a script:
>> /bin/egrep: POSIX shell script, ASCII text executable
>> [03:10:45] /bin/fgrep [ Warning ]
>> [03:10:45] Warning: The command '/bin/fgrep' has been replaced by a script:
>> /bin/fgrep: POSIX shell script, ASCII text executable
>
> Anyone know if this is due to something changing in Gentoo?
>
> I'm going to ask on the gentoo list too, but thought I'd start here.
>
> Thanks
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Rkhunter-users mailing list
> Rkhunter-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rkhunter-users
This is a gentoo specific thing and if you look at the scripts you'll
see that they're fairly benign.
The "thing" is that egrep and fgrep have been depricated for quite
some time now in favor of grep -E and grep -F. I know on a lot of
distros they have been symlinks to grep for years.
I see references to the wrapper scripts in the changelog[0] but not
their origin or why they were chosen over symlinks etc.
[0]http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sys-apps/grep/ChangeLog?view=markup
--
K
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
