On Mon, 2018-06-18 at 10:35 +, Kielbasiewicz, Peter wrote:
> I had tried this option before but it only works on USER files.
> Files like /etc/passwd or group are built in system files.
>
Hi,
Okay, I see the problem. Your root account PATH includes '/etc'. Although your
server will find the
On Wed, 2018-06-20 at 09:55 +, Kielbasiewicz, Peter wrote:
> Hi John,
> I have systems with rkhunter 1.4.0, 1.4.2 and 1.4.6 as I use the rkhunter
> from the official Ubuntu repos.
> I have tested it on a latest Ubuntu 18.04 LTS which has rkhunter 1.4.6 as
> shown below in the propupd segment.
modification time : 1529487306 (20-Jun-2018 11:35:06)
-Original Message-
Sent: Mittwoch, 20. Juni 2018 11:08
To: rkhunter-users@lists.sourceforge.net
Subject: Re: [Rkhunter-users] DISABE_TESTS=group_accounts still complains about
file property changes
On Wed, 2018-06-20 at 04:47 +
On Wed, 2018-06-20 at 04:47 +, Kielbasiewicz, Peter wrote:
> Sorry John,
> no change.
> Did YOU ever try it on your machine?
>
Yes. It worked fine.
You are running rkhunter version 1.4.6?
Can you leave the EXCLUDE_USER_FILEPROP_FILES_DIRS option in the config file
and make a change to the
: [Rkhunter-users] DISABE_TESTS=group_accounts still complains about
file property changes
On Tue, 2018-06-19 at 10:41 +, Kielbasiewicz, Peter wrote:
> Sorry for the confusion.
> I did copy the wrong statement in my last answer.
> Of course I had added the values shown below
> D
On Tue, 2018-06-19 at 10:41 +, Kielbasiewicz, Peter wrote:
> Sorry for the confusion.
> I did copy the wrong statement in my last answer.
> Of course I had added the values shown below
> DISABLE_TESTS=passwd_changes group_changes deleted_files suspscan
>
eally work on your machine ?
Regards
Peter
-Original Message-
From: John Horne
Sent: Dienstag, 19. Juni 2018 11:42
To: rkhunter-users@lists.sourceforge.net
Subject: Re: [Rkhunter-users] DISABE_TESTS=group_accounts still complains about
file property changes
On Tue, 2018-06-19 at 0
On Tue, 2018-06-19 at 05:24 +, Kielbasiewicz, Peter wrote:
> As I said, I had tried it before.
> I added
> USER_FILEPROP_FILES_DIRS="/etc/passwd"
> to rkhunter.conf.local but still got messages that the checksum of passwd had
> changed.
>
Yes, you will. That option says to monitor the file for
p_accounts still complains about
file property changes
On Mon, 2018-06-18 at 10:35 +, Kielbasiewicz, Peter wrote:
> I had tried this option before but it only works on USER files.
>
Not really. It is not possible to disable some commands, but /etc/passwd is
just a
On Mon, 2018-06-18 at 10:35 +, Kielbasiewicz, Peter wrote:
> I had tried this option before but it only works on USER files.
>
Not really. It is not possible to disable some commands, but /etc/passwd is
just a data file.
John.
--
John Horne | Senior Operations Analyst | Technology and
to be no alternative.
Peter
-Original Message-
From: John Horne
Sent: Donnerstag, 14. Juni 2018 21:46
To: rkhunter-users@lists.sourceforge.net
Subject: Re: [Rkhunter-users] DISABE_TESTS=group_accounts still complains about
file property changes
On Thu, 2018-06-14 at 05:48 +
On Thu, 2018-06-14 at 05:48 +, Kielbasiewicz, Peter wrote:
> I support >200 RnD Linux Boxes and maintain a local mechanism to monitor and
> update passwd and group files.
> So I needed to disable the test for group_accounts as changes to these files
> occur consolidated on all machines and I
12 matches
Mail list logo