Bug 176519
Summary: | rkhunter 1.2.7 reports bad dmesg login kill mount after update or util-linux from download.fedoralegacy.org | ||
---|---|---|---|
Product: | [Retired] Fedora Legacy | Reporter: | Harold Henry <harold_henry> |
Component: | util-linux | Assignee: | Fedora Legacy Bugs <bugs> |
Status: | CLOSED UPSTREAM | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | rhl9 | CC: | deisenst, pekkas |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | Rkhunter author has not responded to my 4 attempts | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-01-01 13:18:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Harold Henry
2005-12-24 01:20:21 UTC
Perhaps we need to contact the author of rootkit-hunter, and ask him if he has included the MD5 hashes for Fedora Legacy's updated utilities. The util-linux package contains core system utilities. All four utilities that you mentioned (dmesg, kill, login, and mount) are part of the util-linux package. Those utilities would likely have changed their MD5 hashes because they are compiled on Fedora Legacy's build server, not Red Hat's. Harold, would you file a report at the rootkit author's (Michael Boelen's) support website (at http://www.rootkit.nl/contact/) and include a pointer URL to this bug report? Also, please let us know in this bug ticket what response you receive? This issue will affect how rootkit-hunter processes util-linux utilities from all four distributions that Fedora Legacy supports: RHL 7.3, RHL9, FC1 and FC2, and therefore the upstream author's hashes will need to be updated for these four sets of packages: Red Hat Linux 7.3: http://download.fedoralegacy.org/redhat/7.3/updates/i386/util-linux-2.11n-12.7.3.2.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/mount-2.11n-12.7.3.2.legacy.i386.rpm Red Hat Linux 9: http://download.fedoralegacy.org/redhat/9/updates/i386/mount-2.11y-9.2.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/util-linux-2.11y-9.2.legacy.i386.rpm Fedora Core 1: http://download.fedoralegacy.org/fedora/1/updates/i386/mount-2.11y-29.2.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/util-linux-2.11y-29.2.legacy.i386.rpm Fedora Core 2: http://download.fedoralegacy.org/fedora/2/updates/i386/util-linux-2.12-19.1.legacy.i386.rpm (the mount utility is contained in the util-linux package for FC2). Thanks for reporting this here and taking care of reporting this issue upstream for you and us! Pekka, when you have time, can you close this bug either "UPSTREAM" or "CANTFIX"? (I still don't have the ability to affect Bugzilla tickets I haven't created or don't own.) rkhunter is not one of Fedora Legacy's supported packages, so we cannot fix this issue. Upstream can. Have asked the reporter to take this issue upstream, so if he cares about this issue, he will do so. Thanks! -David Closing, thanks. (In reply to comment #0) > From Bugzilla Helper: > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5 > > Description of problem: > I am not sure if this is your problem or rkhunter. Yes I did rkhunter --update. > Hope this is right place to report if not I am sorry. rkhunter --checkall reports > bad hashes for dmesg, kill, login and mount. Thanks for your time. > > Version-Release number of selected component (if applicable): > util-linux-2.11y-9.2.legacy > > How reproducible: > Always > > Steps to Reproduce: > 1. rkhunter --checkall > 2. > 3. > > > Actual Results: /bin/dmesg [ BAD ] > /bin/egrep [ OK ] > /bin/env [ OK ] > /bin/fgrep [ OK ] > /bin/grep [ OK ] > /bin/kill [ BAD ] > /bin/login [ BAD ] > /bin/ls [ OK ] > /bin/mount [ BAD ] > /bin/netstat [ OK ] > > > Expected Results: All be OK > > Additional info: > > Used rkhunter 1.2.7 > I am rating low unless you think oterwise and it may not be your problem at ALL . |