On Mon, Jun 13, 2016, at 15:36, zep wrote:
> On 06/13/2016 09:04 AM, Sam Ashley wrote:
> On Mon, Jun 13, 2016, at 11:49, John Horne wrote:
> >> On Sun, 2016-06-12 at 22:14 +0200, Sam Ashley wrote:
> >>> I have set UPDT_ON_OS_CHANGE=0 but when I install or remove anything
> >>> rkhunter runs --propupd. Previously this wasn't happening, or I
> >>> should say that it was happening but explicitly setting that to 0
> >>> stopped it. Now even with that set to 0 it always runs --propupd. How
> >>> can I turn this off??
> >>>
> >> How do you know that '--propupd' is being run?
> >>
> >>
> >>
> >> John.
> >>
> >> --
> >> John Horne Tel: +44 (0)1752 587287
> >> Plymouth University, UK
>
> > If I use apt-get then at the end of any install/remove/purge it shows
> > the same messages that are shown when I run --propupd. That is, it first
> > shows "rkhunter" and the version then there's a pause (the same as when
> > --propupd is run) after which it says (I'm not remembering the exact
> > words atm but to the effect of) "searched for nnn found nnn" and then
> > quits. This also happens if I install/remove something with synaptic
> > (the GUI program) and have the terminal that it uses expanded. At the
> > end comes those same messages.
> >
> > I tried setting UPDT_ON_OS_CHANGE=0 in /etc/rkhunter.conf too, in
> > addition to setting it in /etc/rkhunter.conf.local but it still happens.
>
>
> I believe what you're looking for is in this general vicinity; from my
> ubuntu machine:
>
> root@navajo:/etc/apt/apt.conf.d# more 90rkhunter
> // Makes sure that rkhunter file properties database is updated after
> each remov
> e or install only APT_AUTOGEN is enabled
> DPkg::Post-Invoke { "if [ -x /usr/bin/rkhunter ] && grep -qiE
> '^APT_AUTOGEN=.?(t
> rue|yes)' /etc/default/rkhunter; then
> /usr/share/rkhunter/scripts/rkhupd.sh; fi"
> ; };
> root@navajo:/etc/apt/apt.conf.d#
>
> I've noticed the same behavior, but it was something that I wanted, so I
> don't get warning when I login and install or update something new.
>
>
> as a side note, it's much more helpful to add replied to email threads
> below the previous responses, it makes it far easier to follow for
> people who find the archived thread on a web server somewhere in the
> future.
>
> sorry to jump into the middle of other responses, hopefully this is of
> some help.
>
> --
> public gpg key id: 0x5B8147CB
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning reports.
> https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
> _______________________________________________
> Rkhunter-users mailing list
> Rkhunter-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/rkhunter-users
That was it!! Thanks! I had enabled that myself actually, not realizing
that it meant that. Frankly I wonder why they would introduce another
way to enable that considering that rkhunter has its own setting for
this. Anyway thanks for the tip.
--
http://www.fastmail.com - Send your email first class
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
