hi everyone,
The execution of rkhunter in my system is triggered by the cron daily:
during the check some warning is raised, however I think it can be safely
ignored.
This is the daily report:
Warning: The following processes are using deleted files:
Process: /usr/bin/influxd PID: 586 File: /usr/bin/influxd
Process: /usr/sbin/cron PID: 15569 File: /tmp/tmpfAxob2Y
Process: /bin/dash PID: 15577 File: /tmp/tmpfAxob2Y
Process: /bin/run-parts PID: 15580 File: /tmp/tmpfAxob2Y
In order to skip these checks, I added to the config:
ALLOWPROCDELFILE=/bin/dash:/tmp
ALLOWPROCDELFILE=/usr/sbin/cron:/tmp
ALLOWPROCDELFILE=/bin/run-parts:/tmp
The problem is that the exclusion I specify is ignored.
I think the problem I'm encountering is a kind of know, however I can't
find a solution... Any idea?
Thanks & Regards
Marco
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
