Hello, Description of problem: A typical cron job execution will generate the following messages (sort|uniq -c): 1312 egrep: warning: egrep is obsolescent; using grep -E 3 grep: warning: stray \ before ! 50 grep: warning: stray \ before + 2 grep: warning: stray \ before - Version-Release number of selected component (if applicable): rkhunter-1.4.6-19.fc38.noarch How reproducible: Always
Yeah, thanks for the bug. I already have been working on fixing this...
FEDORA-2023-242497ad88 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-242497ad88
Hi, i think i found still some errors here. I did first (sorry, but i can't find a way to change to english, language=en didn't work here atm): # rkhunter --propupd [ Rootkit Hunter version 1.4.6 ] File updated: searched for 177 files, found 133 Then: # /etc/cron.daily/rkhunter expr: Syntaxfehler: unerwartetes Argument „0“ cut: Diese Option benötigt ein Argument -- »f« „cut --help“ liefert weitere Informationen. expr: Syntaxfehler: unerwartetes Argument „0“ cut: Diese Option benötigt ein Argument -- »f« „cut --help“ liefert weitere Informationen. grep: Warnung: überzähliges \ vor ! grep: Warnung: überzähliges \ vor ! grep: Warnung: überzähliges \ vor ! and then i got the following output per mail: --------------------- Start Rootkit Hunter Update --------------------- [ Rootkit Hunter version 1.4.6 ] Checking rkhunter data files... Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ No update ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n/cn [ No update ] Checking file i18n/de [ No update ] Checking file i18n/en [ No update ] Checking file i18n/tr [ No update ] Checking file i18n/tr.utf8 [ No update ] Checking file i18n/zh [ No update ] Checking file i18n/zh.utf8 [ No update ] Checking file i18n/ja [ No update ] ---------------------- Start Rootkit Hunter Scan ---------------------- Warning: The file properties have changed: File: /usr/bin/grep Current inode: 2514866 Stored inode: File Warning: The file properties have changed: File: /usr/bin/grep Current inode: 2514866 Stored inode: File ----------------------- End Rootkit Hunter Scan ----------------------- This warning about grep comes every time i try. Even after "--propupd" first.
Yeah. ;( Just saw the same thing here... I'll poke it some more.
FEDORA-2023-242497ad88 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-242497ad88` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-242497ad88 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
*** Bug 2188801 has been marked as a duplicate of this bug. ***
With rkhunter-1.4.6-20.fc38.noarch I still get warnings about grep, although I ran: # rkhunter --propupd grep [ Rootkit Hunter version 1.4.6 ] File updated: searched for 179 files, found 3 of 147 And some other syntax problems too: expr: syntax error: unexpected argument „0“ cut: option requires an argument -- 'f' Try 'cut --help' for more information. expr: syntax error: unexpected argument „0“ cut: option requires an argument -- 'f' Try 'cut --help' for more information. grep: warning: stray \ before ! grep: warning: stray \ before ! grep: warning: stray \ before !
I'm seeing these warnings from rkhunter daily ---------------------- Start Rootkit Hunter Scan ---------------------- Warning: The file properties have changed: File: /usr/bin/grep Current inode: 1469101 Stored inode: File Warning: The file properties have changed: File: /usr/bin/grep Current inode: 1469101 Stored inode: File Warning: Suspicious file types found in /dev: /dev/shm/lttng-ust-wait-8-42: data /dev/shm/lttng-ust-wait-8: data ----------------------- End Rootkit Hunter Scan ----------------------- Should they be generated or is it a problem with whichever packages own these files?
Yeah, I am painfully aware the patch is incomplete. I am getting emails too. ;) I just haven't had any time to continue to work on it... hopefully this weekend between yardwork I can. if anyone would like to work on a PR before then, help gladly accepted. ;)
No worries Kevin, and lots of strokes for the hounds.
FEDORA-2023-8bdfa4e41f has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-8bdfa4e41f
ok. Please test this new one. I took a different approach and it's much simplier and hopefully covers it all.
Seems OK for me, updated and ran with --propupd, I then ran rkhunter from the shell, via a cron job and had none of the grep warnings.
FEDORA-2023-8bdfa4e41f has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-8bdfa4e41f` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-8bdfa4e41f See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
I am still seeing this from the cron.daily anacron run: /etc/cron.daily/rkhunter: expr: syntax error: unexpected argument ‘0’ cut: option requires an argument -- 'f' Try 'cut --help' for more information. Not certain it's the same issue but it looks like part of the message from the -20 package.
FEDORA-2023-8bdfa4e41f has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.
(In reply to Brian Morrison from comment #15) > I am still seeing this from the cron.daily anacron run: > > /etc/cron.daily/rkhunter: > > expr: syntax error: unexpected argument ‘0’ cut: option requires an argument > -- 'f' Try 'cut --help' for more information. > > Not certain it's the same issue but it looks like part of the message from > the -20 package. And this morning I don't see this, looks like it is sorted out. Thanks Kevin.
I can confirm issue is resolved. Thank you.