Description of problem: rkhunter shows warning message about a hidden file. I guess it should not. Version-Release number of selected component (if applicable): 1.4.6 How reproducible: Steps to Reproduce: 1. rkhunter --update 2. rkhunter --propupd 3. rkhunter --check --skip-keypress 4. check the log-file (/var/log/rkhunter/rkhunter.log), and/or mail if configured. Actual results: Warnung: Versteckte Datei gefunden: /usr/share/man/man5/.containerignore.5.gz: gzip compressed data, max compression, from Unix, truncated Expected results: no message Additional info:
# rpm -qf /usr/share/man/man5/.containerignore.5.gz containers-common-1-32.fc35.noarch
Thanks for the report, will work on a update soon.
FEDORA-2021-7575a5ecf7 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-7575a5ecf7
FEDORA-2021-7575a5ecf7 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-7575a5ecf7` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-7575a5ecf7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Works well. Thank you for fixing this.
FEDORA-2021-7575a5ecf7 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.
Well, I have the new package on one of my Fedora 35 systems and every day I get this in my rkhunter log: ---------------------- Start Rootkit Hunter Scan ---------------------- Warning: Hidden file found: /usr/share/man/man5/.containerignore.5.gz: gzip compressed data, max compression, from Unix, truncated ----------------------- End Rootkit Hunter Scan ----------------------- No idea why the fix doesn't work here $ rpm -qi rkhunter Name : rkhunter Version : 1.4.6 Release : 14.fc35 Architecture: noarch Install Date: Sat 06 Nov 2021 18:47:09 GMT Group : Unspecified Size : 868715 License : GPLv2+ Signature : (none) Source RPM : rkhunter-1.4.6-14.fc35.src.rpm Build Date : Sat 06 Nov 2021 17:46:45 GMT Build Host : buildvm-s390x-22.s390.fedoraproject.org Packager : Fedora Project Vendor : Fedora Project URL : http://rkhunter.sourceforge.net/ Bug URL : https://bugz.fedoraproject.org/rkhunter Summary : A host-based tool to scan for rootkits, backdoors and local exploits Description : Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools.
Ah, OK, found the rpmnew file on the errant system. No idea how the original .conf got modified. Sorry for the noise.
I see that this issue is closed, but I am seeing it on Fedora 36 which I just recently installed.
What version of rkhunter do you have? (rpm -q rkhunter) Do you have a /etc/rkhunter.conf.rpmnew file?
No, but when reading your reply it dawned on me that my system config tools manage the /etc/rkhunter.conf file, so since it is my first experience with Fedora in years I simple needed to define the Fedora specific exceptions there. Sorry for the noise. :)