On Wed, 29 Jun 2005, Nikita V. Youshchenko wrote: > > I've recently updated to sarge. > > > > When chkrootkit runs daily, I get a (presumed) false positive: > > > > # chkrootkit -q > > > > /usr/lib/mindi/rootfs/proc/.keep /usr/lib/mindi/rootfs/root/.profile > > > > I assume that this is due to the presence of "dotfiles" installed by > > mindi. I've tried suppressing this output using a "grep" statement, but > > chkrootkit returns a non-zero value, and I also get this message daily. > > > > Is there a way of turning this off without writing a separate shell > > script? > > You may stop daily mails by running dpkg-reconfigure chkrootkit and > disabling daily runs.
Newer versions of chkrootkit (0.45, for example) allow you to run in a "diff mode" that suppresses day-to-day duplicate hits. You can turn this option on with 'dpkg-reconfigure chkrootkit'. -- Brad -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
