Am 14.06.2012 10:41, schrieb Ed Greshko: > On 06/14/2012 04:16 PM, Reindl Harald wrote: >> after upgrade a test-VM to F17 i get this rkhunter warnings >> i can not really believe that there is a rootkit not existing >> on the F16 setup and think this is a false positive >> >> can anybody confirm this or should i make a bugreport now? >> >> -------- Original-Nachricht -------- >> Betreff: rkhunter Daily Run on testserver >> Datum: Thu, 14 Jun 2012 03:49:14 +0200 >> Von: root >> An: rhsoft@xxxxxxx >> >> --------------------- Start Rootkit Hunter Update --------------------- >> [ Rootkit Hunter version 1.4.0 ] >> >> Checking rkhunter data files... >> Checking file mirrors.dat [ No update ] >> Checking file programs_bad.dat [ No update ] >> Checking file backdoorports.dat [ No update ] >> Checking file suspscan.dat [ No update ] >> Checking file i18n/cn [ No update ] >> Checking file i18n/de [ No update ] >> Checking file i18n/en [ No update ] >> Checking file i18n/zh [ No update ] >> Checking file i18n/zh.utf8 [ No update ] >> >> ---------------------- Start Rootkit Hunter Scan ---------------------- >> Warning: 'Spanish' Rootkit [ Warning ] >> File '/bin/ad' found >> Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, from Unix, max compression >> >> ----------------------- End Rootkit Hunter Scan ----------------------- >> > > Well, I have no /bin/ad file and "yum whatprovides /bin/ad" returns nothing.... on > both F16 and F17 > > /usr/share/man/man5/.k5identity.5.gz is part of krb5-libs on F17 but not F16 https://bugzilla.redhat.com/show_bug.cgi?id=831989 seems like this is caused by UsrMove it is intentionally /usr/bin/ad 4:netatalk-2.2.2-1.fc17.x86_64 : Daemon which provides POSIX-compliant *NIX/*BSD systems with the ability to : share files and printers with Apple Macintosh Repo : @fedora Übereinstimmung von: Dateiname : /bin/ad
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org