[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rkhunter warnings



On Thu, 2006-10-12 at 19:10 +0530, Vikram Goyal wrote:
> Hello,
> 
> I'm using FC5 and recently I started getting warnings from rkhunter cron
> check. I manually also updated the hashes with same results.
> 
> What may be the reason??? Any ideas...Anything to worry...
> 
It's an SELinux problem. It prevents the prelink command from returning
a hash value. I've already logged this with redhat (see
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209951 )

If you want to disable the MD5 checks then use the '--dmc' command-line
option. Alternatively, you can disable SELinux using 'setenforce 0'
before running RKH if you want to, and then re-enable it using
'setenforce 1' (not ideal of course!)

The problem has a workaround in CVS, however a lot of work is still
going on with rkhunter so CVS may become unreliable.

Hopefully redhat will get an SELinux update out soon to resolve this.



John.

-- 
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John Horne plymouth ac uk       Fax: +44 (0)1752 233839


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]