On Tue, 2006-10-24 at 15:24 -0700, Mark Ness wrote:
> For me, on FC5, ever since I got prelink running I've been getting the bad
> hashes.
> I went through the procedure outlined in many recent posts. setenforce 0 >
> run prelink
> > run hashupd > got good hashes. setenforce 1, and the hashes are bad again.
> I followed through with the setenforce 0 > rm prelink.cache > run prelink >
> run hashupd
> > good hashes > setenforce 1 bad hashes. Is this indicative of the prelink
> > and selinux
> problem you mention or am I supposed to get good hashes with selinux enabled
> after
> following that procedure?
>
> In other words, as long as I'm getting bad hashes with rkhunter cron.daily
> run (selinux
> enabled), should I be running rkhunter manually with setenforce 0 to verify
> the hashes?
> -or- Does this indicate a problem with my machine?
>
Ideally Fedora would release the selinux update that they say they have
prepared. However they have not done so yet, so you will get bad hashes
while the problem exists.
If you want to modify your rkhunter script until the selinux update then
you can do so:
1) Edit rkhunter and locate the line 'PRELINKING=1'
2) Either before or after that line insert:
PRELINKBINARY="runcon -t unconfined_t -- ${PRELINKBINARY}"
3) Save the file.
Then try running RKH.
John.
--
---------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 233839
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Rkhunter-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
