On Thu, 2009-01-08 at 16:42 +0000, John Horne wrote: > On Thu, 2009-01-08 at 09:38 -0500, Gene Heskett wrote: > > They say a little paranoia is a good thing, so I installed the rkhunter rpm, > > which in turn apparently sets itself up as a cron job. > > > > I got emails from it bitching about a couple of perfectly legit files, and I > > found out where to whitelist them, so that warning is gone. While I was at > > it I enabled another set of tests that weren't by default, the > > additional_rkts. > > > > Now it is complaining about the lack of copies for passwd and group, but they > > do exist as name- files. Is this a foible of rkhunter, or a redhatism? > > > > Recommended fix? > > > Do nothing. When rkhunter is first run it has no copy of the > passwd/group files to check against for changes. Hence the warning. As > it runs, it will take a copy. When it runs again, it then has a copy, so > the warning goes away. > Hmm, actually thinking about it the rkhunter.spec file specifies to install copies of the files when the rpm is installed. As such the error should not have occurred. May want to raise that with the packager of the rpm (i.e. report it via the fedora bugzilla). John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 E-mail: John.Horne@xxxxxxxxxxxxxx Fax: +44 (0)1752 587001 -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
