[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rkhunter warnings

On Mon, 2006-10-16 at 14:40 +0100, Neil Bird wrote:
> Around about 16/10/06 11:49, John Horne typed ...
> > If you want to disable the MD5 checks then use the '--dmc' command-line
> > option. Alternatively, you can disable SELinux using 'setenforce 0'
> > before running RKH if you want to, and then re-enable it using
> > 'setenforce 1' (not ideal of course!)
>    FWIW, I'm getting the same thing, but selinux is already off.  After a 
> small sanity check, I'm just ignoring the emails for now :-/
In which case it is probably prelinking that is causing your problem. If
you go to the rkhunter sourceforge web site you can download the
'hashupd' script which will update your hashes locally with your current
prelinked values.

The next release of rkhunter will incorporate hash updating for users.
So if prelinking causes your hashes to be invalid you can then run rkh
with some option and it will locally update your hashes for you. That's
the plan anyway... :-)


John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John Horne plymouth ac uk       Fax: +44 (0)1752 233839

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]