Re: rkhunter warnings

On Thu, 2006-10-12 at 19:10 +0530, Vikram Goyal wrote:
> Hello,
> I'm using FC5 and recently I started getting warnings from the rkhunter cron
> check. I also manually updated the hashes, with the same results.
> What may be the reason? Any ideas? Anything to worry about?

It's an SELinux problem. It prevents the prelink command from returning
a hash value. I've already logged this with Red Hat (see
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209951 )

If you want to disable the MD5 checks then use the '--dmc' command-line
option. Alternatively, you can disable SELinux using 'setenforce 0'
before running RKH if you want to, and then re-enable it using
'setenforce 1' (not ideal, of course!)

The problem has a workaround in CVS; however, a lot of work is still
going on with rkhunter, so CVS may become unreliable.

Hopefully Red Hat will get an SELinux update out soon to resolve this.


John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John Horne plymouth ac uk       Fax: +44 (0)1752 233839

