after a bit of struggling I found out how to cleanly install rkhunter ... maybe this is useful for you: * Download rkhunter (I downloaded v 1.2.8) * mv /etc/rpm/platform /root/etc_rpm_platform * setarch i386 rpmbuild -ta --target=i386 rkhunter-1.2.8.tar.gz * mv /root/etc_rpm_platform /etc/rpm/platform * rpm -ivh /usr/src/redhat/RPMS/noarch/rkhunter-1.2.8-1.noarch.rpm * wget http://prdownloads.sourceforge.net/rkhunter/hashupd.sh?download * chmod +x hashupd.sh * ./hashupd.sh In general I had 2 problems: * On my 64 bit machine, the __libdir was set to /usr/lib64 whereas rkhunter uses an ugly "/usr/lib" (solved with moving the platform file temporarily) * rkhunter -c showed me all the binaries in /bin /sbin/ and /usr/bin as 'bad'. (solved with downloading and calling ./hashupd.sh)
You can (should) use the pre-built rk-hunter package in KBS-Extras(http://centos.karan.org, or http://wiki.centos.org/Repositories). It's prebuilt for you, which solves have your issue. The other half is because rkhunter doesn't play well with prelink, which runs as a cron job and ensures that applications load as quickly as possible. There are workarounds for this, and I believe there's a patch to rkhunter which resolves it. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
