Re: [Rkhunter-users] Warning persists
-Original Message- From: John Horne [mailto:john.ho...@plymouth.ac.uk] Sent: Friday, March 06, 2015 9:23 AM To: Dimitri Yioulos Subject: Re: [Rkhunter-users] Warning persists On Fri, 2015-03-06 at 13:50 +, Dimitri Yioulos wrote: Hi, John. The log file is attached. Thanks for taking a look. The file shows now warnings for amanda other than the the first one on 2nd March. All the others report no warning. I would suggest installing amanda again, whitelist the service in RKH, and then run rkhunter to see what happens. John. -- John Horne Tel: +44 (0)1752 587287 Plymouth University, UK John, Thanks for the response. I've re-installed Amanda, but, no joy. I still get warning regarding its installation in xinetd. The curious thing is this - if I run rkhunter -c from the cli, I get no errors. However, when it's run via a cron job, I get an email warning. Here's what the cron job looks like: 0 * * * * /usr/bin/rkhunter --cronjob --rwo Here's what I've done in rkhunter.conf: XINETD_CONF_PATH=/etc/xinetd.conf XINETD_ALLOWED_SVC=/etc/xinetd.d/Amanda Is there anything I'm missing? What else can I do to whitelist Amanda? Many thanks. Dimitri -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] Warning persists
On Thu, 2015-03-05 at 21:12 +, Dimitri Yioulos wrote: No Amanda, as I uninstalled it. If it doesn't exist in /etc/xinetd.d then it can't be checked (obviously), so no warning would be produced. If you are saying that it is still producing a warning, then can you send me a copy of the log file please. John. -- John Horne Tel: +44 (0)1752 587287 Plymouth University, UK -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] Warning persists
On Thu, 5 Mar 2015 16:11:13 + Dimitri Yioulos dyiou...@netatlantic.com wrote: Rkh keeps warning about Amanda. What the warning is? Regards, Nerijus -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] Warning persists
-Original Message- From: Nerijus Baliunas [mailto:neri...@users.sourceforge.net] Sent: Thursday, March 05, 2015 2:30 PM To: Rkhunter-users@lists.sourceforge.net Subject: Re: [Rkhunter-users] Warning persists On Thu, 5 Mar 2015 16:11:13 + Dimitri Yioulos dyiou...@netatlantic.com wrote: Rkh keeps warning about Amanda. What the warning is? Regards, Nerijus Nerijus, Here's the warning: Checking '/etc/xinetd.d/amanda' for enabled services [ Warning ] and Warning: Found enabled xinetd service: /etc/xinetd.d/Amanda As I mentioned in the op, I've disabled, removed, etc. Amanda. Dimitri -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] Warning persists
On Thu, 5 Mar 2015 20:00:11 + Dimitri Yioulos dyiou...@netatlantic.com wrote: Here's the warning: Checking '/etc/xinetd.d/amanda' for enabled services [ Warning ] and Warning: Found enabled xinetd service: /etc/xinetd.d/Amanda As I mentioned in the op, I've disabled, removed, etc. Amanda. What are the contents of the files /etc/xinetd.d/Amanda /etc/xinetd.d/amanda /etc/xinetd.conf ? Also please provide the output of ls -l /etc/xinetd.d Regards, Nerijus -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
Re: [Rkhunter-users] Warning persists
On Thu, 5 Mar 2015 21:12:14 + Dimitri Yioulos dyiou...@netatlantic.com wrote: Here's the warning: Checking '/etc/xinetd.d/amanda' for enabled services [ Warning ] and Warning: Found enabled xinetd service: /etc/xinetd.d/Amanda As I mentioned in the op, I've disabled, removed, etc. Amanda. What are the contents of the files /etc/xinetd.conf ? [root@billmax a-scripting]#cat /etc/xinetd.d Do you really mean /etc/xinetd.d? It is a directory. Did you mean cat /etc/xinetd.conf ? Please post the cron script contents which gives the error and the full error or email message. Regards, Nerijus -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
