On Fri, 2007-02-09 at 21:44 +0100, [EMAIL PROTECTED] wrote: > On Fri, 09 Feb 2007 20:15:12 +0100 Phil Schaffner > <[EMAIL PROTECTED]> wrote: > >On Fri, 2007-02-09 at 18:26 +0100, [EMAIL PROTECTED] wrote: > >> I wonder if you mean the build process or running RKH itself. > > > >I did it in the config file created by installing the built RPM. > > No I mean *what* "does not run" (as in attaching relevant error > output).
Duhhh, OK. A bit dense today I guess: # rkhunter -c Rootkit Hunter 1.2.9 is running Determining OS... cat: /var/rkhunter/db: Is a directory Ready /usr/bin/rkhunter: line 2190: [: /var/rkhunter/tmp: binary operator expected However, I determined in testing this that the problem does not occur with the out-of-the-box /etc/rkhunter.conf. Problem seems to have surfaced when I edited the new file to customize it. rkhunter.conf~ is the customized version that works rkhunter.conf is the broken version rkhunter.conf.rpmnew is the out-of-the-box version from the new RPM [EMAIL PROTECTED] etc]# diff rkhunter.conf~ rkhunter.conf 9,10c9,10 < #DBDIR=/var/rkhunter/db < #TMPDIR=/var/rkhunter/tmp --- > DBDIR=/var/rkhunter/db > TMPDIR=/var/rkhunter/tmp [EMAIL PROTECTED] etc]# diff rkhunter.conf.rpmnew rkhunter.conf 0a1,5 > # This is the configuration file of Rootkit Hunter. Please change > # it to your needs. > # > # All lines beginning with a dash (#) or empty lines, will be ignored. > # 7,12d11 < # This is the configuration file of Rootkit Hunter. Please change < # it to your needs. < # < # All lines beginning with a hash (#) or empty lines, will be ignored. < # < 20c19 < [EMAIL PROTECTED] --- > [EMAIL PROTECTED] 27c26 < #TMPDIR=/usr/local/rkhunter/lib/rkhunter/tmp --- > TMPDIR=/var/rkhunter/tmp 31c30 < #DBDIR=/usr/local/rkhunter/db --- > DBDIR=/var/rkhunter/db 41c40 < #ALLOW_SSH_ROOT_USER=0 --- > ALLOW_SSH_ROOT_USER=1 46,47c45,46 < #ALLOWHIDDENDIR=/etc/.java < #ALLOWHIDDENDIR=/dev/.udev --- > ALLOWHIDDENDIR=/dev/.udev > ALLOWHIDDENDIR=/etc/.java 60a60 > ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz [EMAIL PROTECTED] etc]# grep DBDIR rkhunter.conf~ #DBDIR=/var/rkhunter/db DBDIR=/var/rkhunter/db [EMAIL PROTECTED] etc]# grep TMPDIR rkhunter.conf~ #TMPDIR=/var/rkhunter/tmp TMPDIR=/var/rkhunter/tmp The problems seem to have come from the redundant definitions of TMPDIR=/var/rkhunter/tmp and DBDIR=/var/rkhunter/db I introduced when customizing it to function like my previous version. Seems like the duplicate definitions should be harmless, but apparently they are not. Sorry for the confusion, but perhaps there is a bug in there somewhere. Phil ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
