FS#26174 : [rkhunter] warning

FS#26174 - [rkhunter] warning

Attached to Project: Community Packages
Opened by aiksun (miksun) - Saturday, 01 October 2011, 12:07 GMT
Last edited by Lukas Fleischer (lfleischer) - Tuesday, 29 May 2012, 01:19 GMT

Task Type	Bug Report
Category	Upstream Bugs
Status	Closed
Assigned To	Lukas Fleischer (lfleischer)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	2 Dennis Börm (allspark) (2011-10-17) aiksun (miksun) (2011-10-01)
Private	No

Details

Description:
After installing and running rkhunter, I get the following warning in /var/log/rkhunter.log: "Warning: The command '/usr/bin/rkhunter' has been replaced and is not a script: /usr/bin/rkhunter: POSIX shell script, ASCII text executable, with very long lines."

Additional info:
* rkhunter 1.3.8-2

This task depends upon

Closed by Lukas Fleischer (lfleischer)
Tuesday, 29 May 2012, 01:19 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 1.4.0.

Comment by Lukas Fleischer (lfleischer) - Sunday, 02 October 2011, 20:17 GMT

aiksun: Did you run `rkhunter --propupd` before?

Comment by aiksun (miksun) - Monday, 03 October 2011, 09:47 GMT

I actually ran `rkhunter -c` once, then I discovered about `rkhunter --propupd` and ran the command. Then I ran `rkhunter -c` again.

Comment by aiksun (miksun) - Monday, 03 October 2011, 10:04 GMT

Oh, and I think I used `rkhunter --update` before running `rkhunter --propupd`.

Comment by Lukas Fleischer (lfleischer) - Friday, 07 October 2011, 12:57 GMT

So the error message still appears, after you ran `rkhunter --propupd`?

Comment by aiksun (miksun) - Friday, 07 October 2011, 16:03 GMT

Yes, it does. Just to be sure I ran `rkhunter --propupd` again and then `rkhunter -c` but the warning message is still in var/log/rkhunter.log.

Comment by Lex Black (TrialnError) - Sunday, 16 October 2011, 18:07 GMT

I get the same message

I used the --update and -c command and got the same Warning.
After founding this report I tried the --propupd option, but the warning still occurs

Comment by Dennis Börm (allspark) - Monday, 17 October 2011, 22:33 GMT

Hi

i got the following patch from a friend, which fixes the warning

9883c9883
< SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i -v '(shell|/bin/sh) script( |$)'`
---
> SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i -v '(shell|/bin/sh) script( |$|,)'`
9885c9885
< SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i ' script( |$)'`
---
> SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i ' script( |$|,)'`

Comment by Lukas Fleischer (lfleischer) - Tuesday, 18 October 2011, 16:49 GMT

That sounds like it should be reported/sent to upstream (unless it's already fixed in their VCS).

Comment by Lukas Fleischer (lfleischer) - Monday, 24 October 2011, 19:04 GMT

Definitely an upstream bug [1], [2], [3]. Already fixed in CVS. Let's wait for the next release :)

[1] http://sourceforge.net/tracker/?func=detail&aid=3295660&group_id=155034&atid=794187
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641217
[3] http://sourceforge.net/mailarchive/message.php?msg_id=28119916

	Tasks related to this task (0)

Duplicate tasks of this task (1)
~~FS#26175 - rkhunter warning~~

Arch Linux

FS#26174 - [rkhunter] warning

Details

Loading...