[EMAIL PROTECTED] wrote: > ------------------------------ > > Message: 2 > Date: Wed, 25 Oct 2006 01:36:27 +0100 > From: John Horne <[EMAIL PROTECTED]> > Subject: Re: [Rkhunter-users] centos 4.4/FC4 prelink/selinux issue > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain > > On Tue, 2006-10-24 at 15:24 -0700, Mark Ness wrote: > >> For me, on FC5, ever since I got prelink running I've been getting the bad >> hashes. >> I went through the procedure outlined in many recent posts. setenforce 0 > >> run prelink >> >>> run hashupd > got good hashes. setenforce 1, and the hashes are bad again. >>> >> I followed through with the setenforce 0 > rm prelink.cache > run prelink > >> run hashupd >> >>> good hashes > setenforce 1 bad hashes. Is this indicative of the prelink >>> and selinux >>> >> problem you mention or am I supposed to get good hashes with selinux enabled >> after >> following that procedure? >> >> In other words, as long as I'm getting bad hashes with rkhunter cron.daily >> run (selinux >> enabled), should I be running rkhunter manually with setenforce 0 to verify >> the hashes? >> -or- Does this indicate a problem with my machine? >> >> > Ideally Fedora would release the selinux update that they say they have > prepared. However they have not done so yet, so you will get bad hashes > while the problem exists. > > If you want to modify your rkhunter script until the selinux update then > you can do so: > 1) Edit rkhunter and locate the line 'PRELINKING=1' > 2) Either before or after that line insert: > PRELINKBINARY="runcon -t unconfined_t -- ${PRELINKBINARY}" > 3) Save the file. > > Then try running RKH. > > > > John. > > I can live with this. I just needed that clarification, and you have eased my mind quite a bit. I am also glad to here there is a "fix" on the way. By the time it gets here, I'll may be running FC6 (and opening a new can of worms). ;) Thank you much John M.S.N.
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
