560562 – rkhunter errors on machines without xinetd

Bug 560562 - rkhunter errors on machines without xinetd

Summary: rkhunter errors on machines without xinetd

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	rkhunter
Sub Component:
Version:	12
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Kevin Fenzi
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-02-01 07:30 UTC by Ricky Zhou
Modified:	2010-07-15 21:00 UTC (History)
CC List:	4 users (show)
Fixed In Version:	rkhunter-1.3.6-7.fc12
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-06-05 18:07:14 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ricky Zhou 2010-02-01 07:30:55 UTC

Description of problem:
As described at http://forums.fedoraforum.org/showthread.php?p=1318325, rkhunter dies with:

Invalid XINETD_CONF_PATH configuration option - non-existent pathname specified: /etc/xinetd.conf

on machines without xinetd installed.

Version-Release number of selected component (if applicable):
rkhunter-1.3.6-4.fc12.noarch

Commenting out the line in the configuration seems to fix the problem without impacting xinetd checks on machines with xinetd.

Comment 1 Kevin Fenzi 2010-02-01 17:40:23 UTC

I would prefer if the check could just not run if there is no config file.

I'll look at patching that in. Thanks for the report!

Comment 2 Ricky Zhou 2010-02-01 21:47:50 UTC

Just to clarify - with the config line commented out, the check doesn't run if /etc/xinetd.conf doesn't exist.  However, it will run properly (it looks at /etc/xinetd.conf by default) even if the path isn't explicitly set in /etc/rkhunter.conf.

Or were you saying that you'd prefer if rkhunter did not die with an error if a nonexistent XINETD_CONF_PATH is specified?

Comment 3 Chris Schanzle 2010-02-10 16:10:01 UTC

I would prefer rkhunter not to error if XINETD_CONF_PATH does not exist.  You have the case where the default Fedora install + rkhunter (or a slightly hardened system w/o xinetd) doesn't get successful rkhunter scans "out of the box".  Thanks for looking into this!

Comment 4 Kevin Fenzi 2010-03-06 21:44:05 UTC

Sorry for the delay here. 

So, the real bug here is that if this path is set and doesn't exist, the script errors. 
I guess they assume if you set the path that it is correct. 

I will go ahead and just disable that path in the default config. 
Do you think this warrents f13/f12/f11 updates? Or shall I just fix in rawhide?

Comment 5 Kevin Fenzi 2010-03-06 22:10:36 UTC

http://koji.fedoraproject.org/koji/taskinfo?taskID=2036001 
for rawhide. 

I'm not sure this is worth pushing to stable releases for just this one change, but feel free to convince me. ;)

Comment 6 Nerijus Baliūnas 2010-06-21 17:41:43 UTC

rkhunter-1.3.6-6.fc13 was released with XINETD_CONF_PATH commented out, please issue update for F12 too.

Comment 7 Fedora Update System 2010-06-27 00:51:04 UTC

rkhunter-1.3.6-7.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/rkhunter-1.3.6-7.fc12

Comment 8 Kevin Fenzi 2010-06-27 00:51:59 UTC

Please test the f12 update and provide karma. Thanks.

Comment 9 Fedora Update System 2010-07-15 21:00:17 UTC

rkhunter-1.3.6-7.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.