On Tue, 2013-04-23 at 21:25 -0700, 'Robert Holtzman' wrote: > > Next I added my email address to MAIL-ON-WARNING in /etc/rkhunter.conf. > It had been MAIL-ON-WARNING="". I thought that was weird but it was the > same on my desktop where I got the emails every day. Result...still no > joy. > > I'm out of Ideas. If anyone has a clue please let me know. > Hello,
If MAIL-ON-WARNING is not set (or set to ""), then RKH will not send an email message if there are warnings. However, it may well be your cron system that is capturing the output from RKH and sending the message. I don't know how RKH is set up on a Debian system. What are the settings of MAIL-ON-WARNING and MAIL_CMD in the rkhunter.conf file on a standard Debian system? What does the RKH cron entry look like? As someone else pointed out, the laptop simply may not have any warnings. I would suggest looking in the rkhunter log file to see if there were any warnings (using 'grep' obviously makes this easier). If there are warnings, but you do not get a message then there is a problem. If there are no warnings, then you may want to forcibly create one - I tend to use something like 'date >/dev/dummyfile'. The 'filesystem' test will then report the file as being suspicious. John. -- John Horne, Plymouth University, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
