Bug#607224: rkhunter complains about files from the unhide package
Hi, Le mercredi 15 déc. 2010 à 21:01:29 (+), Steinar Bang a écrit : rkhunter keeps sending out emails with the following text: Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file. Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file. This is a known problem which has already been reported, but thanks for reminding me I should really do something. Actually, the problem comes from the fact rkhunter recommends unhide, and if both packages are installed at the same time, unhide isn't yet unpackacked when rkhunter creates its metadata database. As a quick workaround, you can simply run 'rkhunter --propupd', just make sure your system is clean before doing that. I think a possible solution might be to add a trigger, but I will need time as I would like to make something more general which would allow me to improve the way the database is updated (see other bug reports on this subject). Cheers, Julien -- ,''`. Julien Valroff ~ jul...@kirya.net ~ jul...@debian.org : :' : Debian Developer Free software contributor `. `' http://www.kirya.net/ `-4096R/ E1D8 5796 8214 4687 E416 948C 859F EF67 258E 26B1 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607224: rkhunter complains about files from the unhide package
Package: rkhunter Version: 1.3.2-6 Severity: normal rkhunter keeps sending out emails with the following text: Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file. Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file. These files are installed by the unhide-20100201-1 package http://packages.debian.org/squeeze/unhide Unhide is a tool to find processes and ports hidden by rootkits, and thus in the same line of business as rkhunter. -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32.26-kvm-i386-20101122 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages rkhunter depends on: ii binutils2.18.1~cvs20080103-7 The GNU assembler, linker and bina ii debconf [debconf-2. 1.5.24 Debian configuration management sy ii exim4-daemon-heavy 4.69-9+lenny1Exim MTA (v4) daemon with extended ii file4.26-1 Determines file type using magic ii net-tools 1.60-22 The NET-3 networking toolkit ii perl5.10.0-19lenny2 Larry Wall's Practical Extraction Versions of packages rkhunter recommends: ii iproute 20080725-2 networking and traffic control too ii libmd5-perl 2.03-1 backwards-compatible wrapper for D ii unhide 20080519-2 Forensic tool to find hidden proce ii wget 1.11.4-2+lenny2 retrieves files from the web Versions of packages rkhunter suggests: ii bsd-mailx 8.1.2-0.20071201cvs-3 A simple mail user agent -- debconf information: rkhunter/apt_autogen: false rkhunter/cron_daily_run: rkhunter/cron_db_update: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
