Bug#542327: marked as done (chkrootkit: new chkutmp report interacts poorly with diff mode)

Fri, 28 Aug 2009 03:51:47 -0700 

Your message dated Fri, 28 Aug 2009 10:07:54 +0000
with message-id <[email protected]>
and subject line Bug#542327: fixed in chkrootkit 0.49-3
has caused the Debian Bug report #542327,
regarding chkrootkit: new chkutmp report interacts poorly with diff mode
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
542327: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542327
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: chkrootkit
Version: 0.49-2
Severity: normal

chkrootkit 0.49 now includes a chkutmp report, featuring ps-style output
complete with PIDs.  Although the results are reasonably stable, the
PIDs are liable to change across reboots, and in some cases (X or getty)
across local login sessions, so I would appreciate it if you could add
the sed -r command 's/(! \w+\s+)[ 0-9]{4}[0-9]/\1#####/' to the daily
cron job's diff branch.

In addition, I've found that lines can run into each other:

! 116         25903 tty8   daemon --foreground --respawn --attempts=20 
--delay=10 --name=8-_-_var_-_log_-_exim4_-_mainlog 
--pidfile=/var/run/console-log/Debian-console-log/8-_-_var_-_log_-_exim4_-_mainlog
 --user Debian-console-log adm /usr/share/console-log/logpager -- less 
/var/log/e! 116          6586 pts/2  less -Pwless /var/log/syslog +F 
/var/log/syslog

Fixing that in chkutmp would be best, but if that's not feasible
changing the sed command to .../g should at least compensate by masking
all the PIDs.

Thanks!

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages chkrootkit depends on:
ii  binutils              2.19.51.20090805-1 The GNU assembler, linker and bina
ii  cdebconf [debconf-2.0 0.145              Debian Configuration Management Sy
ii  debconf [debconf-2.0] 1.5.27             Debian configuration management sy
ii  libc6                 2.9-25             GNU C Library: Shared libraries
ii  net-tools             1.60-23            The NET-3 networking toolkit
ii  procps                1:3.2.8-1          /proc file system utilities

chkrootkit recommends no packages.

chkrootkit suggests no packages.

-- debconf information:
* chkrootkit/run_daily_opts: -q -n
* chkrootkit/diff_mode: true
* chkrootkit/run_daily: true

--- End Message ---
--- Begin Message --- 
Source: chkrootkit
Source-Version: 0.49-3

We believe that the bug you reported is fixed in the latest version of
chkrootkit, which is due to be installed in the Debian FTP archive:

chkrootkit_0.49-3.diff.gz
  to pool/main/c/chkrootkit/chkrootkit_0.49-3.diff.gz
chkrootkit_0.49-3.dsc
  to pool/main/c/chkrootkit/chkrootkit_0.49-3.dsc
chkrootkit_0.49-3_i386.deb
  to pool/main/c/chkrootkit/chkrootkit_0.49-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Giuseppe Iuculano <[email protected]> (supplier of updated chkrootkit 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 28 Aug 2009 10:29:14 +0200
Source: chkrootkit
Binary: chkrootkit
Architecture: source i386
Version: 0.49-3
Distribution: unstable
Urgency: low
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Giuseppe Iuculano <[email protected]>
Description: 
 chkrootkit - rootkit detector
Closes: 542327
Changes: 
 chkrootkit (0.49-3) unstable; urgency=low
 .
   * [543dafe] Fixed chkutmp parser and added a regexp to ignore PIDs in
     chkutmp output, thanks to Aaron M. Ucko. (Closes: #542327)
   * [d016db0] chkutmp: sort ps output by tty,ruser,args. Thanks to Aaron
     M. Ucko
   * [c1fb66c] Updated to standards version 3.8.3 (No changes needed)
Checksums-Sha1: 
 1d9fd11c6a65a133e8beb35c6a106ccfcdad069c 1227 chkrootkit_0.49-3.dsc
 e6b94a310274921219c2179aafd145a9382243c2 34228 chkrootkit_0.49-3.diff.gz
 59f68cd7b5ab064057b027b8535acae0f7b32695 299816 chkrootkit_0.49-3_i386.deb
Checksums-Sha256: 
 bb87de776be30ef47d9a1685144a5c500905a8ce2fe839d2fa7c65907ddde73b 1227 
chkrootkit_0.49-3.dsc
 04e979340f123f2b0585a208e8f3de8d5fdabe9709e2d256805676aec3b3b283 34228 
chkrootkit_0.49-3.diff.gz
 b547173ea95668caddb362dd8c944994b414994b0cecdad36cad529b35df594b 299816 
chkrootkit_0.49-3_i386.deb
Files: 
 a9f2add167ae9f8ef146c11886717168 1227 misc optional chkrootkit_0.49-3.dsc
 a9d0509a0c3cb6ea718908c9c1a6afef 34228 misc optional chkrootkit_0.49-3.diff.gz
 0a3d3608f72e5aa8d6985bf6d4cce0ec 299816 misc optional 
chkrootkit_0.49-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqXlpcACgkQNxpp46476aplWwCeMB4uKyOzfbTg2pNd7J9XUnuT
PD8AoIBmtY1x541N47MUkIX67Bm3XKRd
=zDdY
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to