Your message dated Thu, 23 Mar 2023 10:18:21 +0000
with message-id
<cac11uejltlhnv5daw1rhumrvbyu4ew1b3bbkfysk1jgkkgu...@mail.gmail.com>
and subject line this bug was marked as fixed in version 0.55, but not 'closed'
so is showing as 'open' on the bts page
has caused the Debian Bug report #999418,
regarding chkrootkit: chkproc bogus OooPS, not expected 210672 value
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
999418: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999418
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chkrootkit
Version: 0.55-1+b1
Severity: important
Dear Maintainer,
Since upgrade to bullseye I'm seeing chkrootkit warnings of the
form:
OooPS, not expected 210672 value
I think the problem here is the new larger PIDs on newer kernels.
I think the problem here is something involving the MAX_PROCESSES calc in
chkproc.c
TO reproduce:
Let the host run for a while so you're getting larger PIDs, then
cd /usr/lib/chkrootkit
./chkproc
OooPS, not expected 210672 value
and that's the first PID in my system's ps output that's large.
I tried upgrading to testing's:
ii chkrootkit 0.55-1+b1 amd64
rootkit detector
and it still happens for me.
I checked it really is the 64bit build:
dg@mx:/usr/lib/chkrootkit$ file /usr/lib/chkrootkit/chkproc
/usr/lib/chkrootkit/chkproc: ELF 64-bit LSB pie executable, x86-64, version 1
(SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2,
BuildID[sha1]=66d59d153338e672554b5b6fee85d5696d2cb968, for GNU/Linux 3.2.0,
stripped
Dave
-- System Information:
Debian Release: 11.1
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-9-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages chkrootkit depends on:
ii binutils 2.35.2-2
ii debconf [debconf-2.0] 1.5.77
ii libc6 2.31-13+deb11u2
ii net-tools 1.60+git20181103.0eebece-1
ii openssh-client 1:8.4p1-5
ii procps 2:3.3.17-5
chkrootkit recommends no packages.
chkrootkit suggests no packages.
-- debconf information:
* chkrootkit/run_daily_opts: -q -n
* chkrootkit/run_daily: true
* chkrootkit/diff_mode: false
--- End Message ---
--- Begin Message ---
--- End Message ---
