Doug Parsons
2012-04-07 15:50:08 UTC
Hi.
Since I upgraded from CentOS 5.4 to 6, I've got a problem with rkhunter
with this warning.
I've tried to fix it, but cannot; I assume I'm missing something obvious,
I followed instructions trying to fix this from various forums, the
latest from y'all.
I created /etc/rkhunter.conf.local with one line
USER_FILEPROP_FILES_DIRS="/sbin/.cryptsetup.hmac"
(I copied the line from the normal .conf, took out the (#) and
substituted this filename.)
When the error was there next run, I then did a
$ rkhunter --propupd
but I still get the error when I run it.
I thought y'all recommended making the local file rather than modify
yours, and that this would 'white-list' this 'error'.
btw
$ rkhunter --version
Rootkit Hunter 1.3.8
Questions:
Got this since the upgrade, so I'm leery of just 'getting rid of the
error' as I suspect y'all would have done the right thing and this is a
real error and not a false positive.
I have no interest cryptsetup, it just happened in the upgrade. I may,
later.
Perhaps I should just delete it, but I don't know if there would be
unintended consequences.
What to do ?
-doug
Since I upgraded from CentOS 5.4 to 6, I've got a problem with rkhunter
with this warning.
I've tried to fix it, but cannot; I assume I'm missing something obvious,
I followed instructions trying to fix this from various forums, the
latest from y'all.
I created /etc/rkhunter.conf.local with one line
USER_FILEPROP_FILES_DIRS="/sbin/.cryptsetup.hmac"
(I copied the line from the normal .conf, took out the (#) and
substituted this filename.)
When the error was there next run, I then did a
$ rkhunter --propupd
but I still get the error when I run it.
I thought y'all recommended making the local file rather than modify
yours, and that this would 'white-list' this 'error'.
btw
$ rkhunter --version
Rootkit Hunter 1.3.8
Questions:
Got this since the upgrade, so I'm leery of just 'getting rid of the
error' as I suspect y'all would have done the right thing and this is a
real error and not a false positive.
I have no interest cryptsetup, it just happened in the upgrade. I may,
later.
Perhaps I should just delete it, but I don't know if there would be
unintended consequences.
What to do ?
-doug
--
The greatest danger for most of us is
not that our aim is too high and we miss it,
but that our aim is too low and we reach it.
- Michelangelo
The greatest danger for most of us is
not that our aim is too high and we miss it,
but that our aim is too low and we reach it.
- Michelangelo