[Bug 1581860] [NEW] rkhunter marks bootchart files as suspicious

A. Mani Sat, 14 May 2016 12:41:36 -0700

Public bug reported:

1. Rkhunter thinks many files in /dev/.bootchart are suspicious.
2. Takes lot more time to complete.


_______________________________________edited log___________________

# sudo rkhunter -c -sk
[ Rootkit Hunter version 1.4.2 ]

[11:54:47] Checking configuration file and command-line options...
[11:54:47] Info: Detected operating system is 'Linux'
[11:54:47] Info: Found O/S name: Ubuntu 16.04 LTS
[11:54:47] Info: Command line is /usr/bin/rkhunter -c -sk
[11:54:47] Info: Environment shell is /bin/bash; rkhunter is using dash
[11:54:47] Info: Using configuration file '/etc/rkhunter.conf'
[11:54:47] Info: Installation directory is '/usr'
[11:54:47] Info: Using language 'en'
[11:54:47] Info: Using '/var/lib/rkhunter/db' as the database directory
[11:54:47] Info: Using '/usr/share/rkhunter/scripts' as the support script 
directory

(skip)

[11:56:33] Info: SCAN_MODE_DEV set to 'THOROUGH'
[12:25:30]   Checking /dev for suspicious file types   
12:25:30]   Checking /dev for suspicious file types         [ Warning ]
[12:25:30] Warning: Suspicious file types found in /dev:
[12:25:30]          /dev/.udev/rules.d/root.rules: ASCII text
[12:25:30]          /dev/.bootchart/log/header: ASCII text
[12:25:30]          /dev/.bootchart/log/proc_ps.log: ASCII text, with very long 
lines
[12:25:30]          /dev/.bootchart/log/proc_diskstats.log: ASCII text
[12:25:30]          /dev/.bootchart/log/proc_stat.log: ASCII text, with very 
long lines
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/00.0: data
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/00.2: data
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/01.0: data
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/04.0: dBase III DBT, 
version number 0, next free block index 336859170
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/11.0: data

(skip)

[12:25:30]          /dev/.bootchart/proc/bus/pci/00/16.2: data
[12:25:30]          /dev/.bootchart/proc/bus/pci/00/18.0: dBase III DBT, 
version number 0, next free block index 335548450

(skip)

[12:25:33] The system checks took: 30 minutes and 45 seconds
_________________________________________________________

** Affects: rkhunter (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: bootchart performance rkhunter

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581860

Title:
  rkhunter marks bootchart files as suspicious

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1581860/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1581860] [NEW] rkhunter marks bootchart files as suspicious

Reply via email to