Hide Forgot
please remove the dependency of "prelink" prelink is chaning binarys and this is exactly a thing you won't in this context, rkhunter possibly needs the help of prelink to verify integrity of packages which files are prelinked but it should not require tis changes which are happening by the daily cronjob of prelink
Well rkhunter uses prelink if it's installed to determine the correct hash for files, and prelink is installed by default. So, I suppose we could drop the dep here. The case it wouldn't be good for would be: - someone installs and prelink runs it's weekly run. - someone removes prelink. - run rkhunter (since binaries are prelinked and it doesn't have prelink to use, it may report false positives) I don't suppose that would be too many users however. Or they could re-install and unprelink everything to fix it.
please do this! there are thousands of servers out there where rkhunter is really useful and prelink absolutely useless but installed as dependencie on modern hardware i see generally no reason for prelink
rkhunter-1.3.8-6.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/rkhunter-1.3.8-6.fc15
hm strange behavior, something goes here terrible wrong wihtout "--hash sha1sum" it does not find a hash function with "--hash sha1" or "--hash md5" like --help says it appears that it tries "sha" or "md5" as command but why does "rkhunter" skip chekcsums if prelink is not present it is a little idiotic rely on something that changes the binaries normally i would expect that "--propupd" calculates cheksums of the installed and unmodified binaries and cries out loud if they are modified without calling "--propupd" again [root@buildserver:~]$ rkhunter --propupd --hash sha1sum [root@buildserver:~]$ rkhunter --check --hash sha1sum Warning: Checking for prerequisites [ Warning ] All file hash checks will be skipped because: Unable to find 'prelink' command.
well, fixed by look in the source: "rm -f /etc/prelink.cache" so this affects only systems which had prelink installed i guess "yum remove prelink" should do "rm -f /etc/prelink.cache" /etc/rkhunter.conf.local: HASH_FUNC=sha1sum thank you for changing the dependencies i did a "rpmbuild --rebuild" on the F15-src.rpm for our F14 infrastructure
Yeah, this is the case I was talking about above. If you had prelink and later remove it, you need to make sure and remove it's cache/prelinking of binaries. ;(
no problem - i did know about "prelink -u -a" but was not aware of the cache-file because who hurts if not any software check its exists - ok rkhunter does :-) but since prelink is in the default-install it should not hurt much users i hate prelink from its first day beuase its cronjob is bringing down low-end machines as it runs and you can never stat so many programs so much faster to benefit really from it
Package rkhunter-1.3.8-6.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing rkhunter-1.3.8-6.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/rkhunter-1.3.8-6.fc15 then log in and leave karma (feedback).
rkhunter-1.3.8-6.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.