I don't know anything about Raspbian Stretch, so can't really comment nor understand why it needs to update itself every night. I can see by the warnings that those files are not actually changing in content or there would be a hash change (only modification date and location on the disk are different). I'd have to guess that there are other files that aren't part of property checks that actually change which require nightly updates?
In any case, you can either run --propupd after each system update or just ignore those warnings about modification time and stored inode. -Al- > On Feb 20, 2019, at 00:29, Marco Strullato <marco.strull...@gmail.com> wrote: > > Hi all, > > How do you manage the system updates with rkhunter? > My system is updating itself every night: if updates are about core > components, rkhunter is highlighting the differences with warnings. > > Do I have to run everyday the --propupd? > > Regards > > > Warning: The file properties have changed: > File: /sbin/init > Current inode: 528322 Stored inode: 543976 > Current file modification time: 1550391778 (17-Feb-2019 09:22:58) > Stored file modification time : 1547546383 (15-Jan-2019 10:59:43) > Warning: The file properties have changed: > File: /sbin/runlevel > Current inode: 542777 Stored inode: 543989 > Current file modification time: 1550391778 (17-Feb-2019 09:22:59) > Stored file modification time : 1547546383 (15-Jan-2019 10:59:43) > Warning: The file properties have changed: > File: /bin/systemd > Current inode: 274320 Stored inode: 264733 > Current file modification time: 1550391778 (17-Feb-2019 09:22:58) > Stored file modification time : 1547546383 (15-Jan-2019 10:59:43) > Warning: The file properties have changed: > File: /bin/systemctl > Current inode: 262251 Stored inode: 263327 > Current file modification time: 1550391778 (17-Feb-2019 09:22:58) > Stored file modification time : 1547546383 (15-Jan-2019 10:59:43) > Warning: The file properties have changed: > File: /lib/systemd/systemd > Current inode: 271364 Stored inode: 264334 > Current file modification time: 1550391778 (17-Feb-2019 09:22:58) > Stored file modification time : 1547546383 (15-Jan-2019 10:59:43) > Warning: The following processes are using deleted files: > Process: /lib/systemd/systemd-logind PID: 463 File: > /lib/systemd/systemd-logind > Process: /usr/bin/influxd PID: 586 File: /usr/bin/influxd > Process: /lib/systemd/systemd-journald PID: 1596 File: > /lib/systemd/systemd-journald > Process: /usr/sbin/cron PID: 6324 File: /tmp/tmpfb2jk1P > Process: /bin/dash PID: 6333 File: /tmp/tmpfb2jk1P > Process: /bin/run-parts PID: 6335 File: /tmp/tmpfb2jk1P > Warning: File '/tmp/tmp.I5F2fmVFF6' (score: 220) contains some suspicious > content and should be checked. > Warning: Checking for files with suspicious contents [ Warning ] -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
