Bug 828331 - check scan incorrectly handles file names with spaces
check scan incorrectly handles file names with spaces
Status: CLOSED ERRATA
Product: Fedora EPEL
Classification: Fedora
Component: rkhunter (Show other bugs)
el6
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Kevin Fenzi
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-04 11:36 EDT by Tony Schreiner
Modified: 2014-11-06 21:39 EST (History)
2 users (show)

See Also:
Fixed In Version: rkhunter-1.4.2-5.fc19
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-03-15 11:01:30 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tony Schreiner 2012-06-04 11:36:22 EDT
Description of problem:
rkunter check complains with
Invalid ALLOWDEVFILE configuration option: Invalid pathname: (word)
when it encounters file names with spaces. In my case there are a few offending files:
/dev/.udev/db/drivers:Intel SCB2 BIOS Flash
/dev/.udev/db/platform:Fixed MDIO bus.0
/dev/.udev/db/drivers:Generic PHY

leading to the error messages
Invalid ALLOWDEVFILE configuration option: Invalid pathname: PHY
Invalid ALLOWDEVFILE configuration option: Invalid pathname: SCB2
Invalid ALLOWDEVFILE configuration option: Invalid pathname: BIOS
Invalid ALLOWDEVFILE configuration option: Invalid pathname: Flash
Invalid ALLOWDEVFILE configuration option: Invalid pathname: MDIO
Invalid ALLOWDEVFILE configuration option: Invalid pathname: bus.0

rkhunter does not complete the scan

Version-Release number of selected component (if applicable):
1.4.0

How reproducible:
have removed rkhunter and reinstalled, and also rebooted system

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Kevin Fenzi 2012-06-04 18:25:42 EDT
This looks like a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=674245

This was supposed to be fixed in 1.4.x I thought, but perhaps not. 

What ALLOWDEVFILE directives do you have in /etc/rkhunter.conf ? 

Can you try: 

1. escaping the spaces with \ 
2. Putting "s around the entire path
3. Using %20 instead of space.
4. Use a wildcard (*) instead of the path part that has spaces.  

and see if any of those work?
Comment 2 Tony Schreiner 2012-06-05 10:04:27 EDT
I am using the default /etc/rkhunter.conf that came with the update.

These are all the ALLOWDEVFILE lines
#ALLOWDEVFILE="/dev/shm/pulse-shm-*"
#ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
ALLOWDEVFILE=/dev/shm/pulse-shm-*
ALLOWDEVFILE=/dev/md/md-device-map
ALLOWDEVFILE="/dev/shm/mono.*"
ALLOWDEVFILE="/dev/shm/libv4l-*"
ALLOWDEVFILE="/dev/shm/spice.*"
ALLOWDEVFILE=/dev/.mdadm.map
ALLOWDEVFILE=/dev/.udev/queue.bin
ALLOWDEVFILE=/dev/.udev/db/*
ALLOWDEVFILE=/dev/.udev/rules.d/99-root.rules

I have added quotes
ALLOWDEVFILE="/dev/.udev/db/*"

but the issue persists
Comment 3 Kevin Fenzi 2012-06-08 11:21:09 EDT
Would you be willing to report this upstream?

rkhunter-users@lists.sourceforge.net 

If not, I will try and do so...
Comment 4 Tony Schreiner 2012-06-08 15:02:15 EDT
Will do.
Comment 5 Fedora Update System 2014-03-14 12:41:04 EDT
rkhunter-1.4.2-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.fc20
Comment 6 Fedora Update System 2014-03-14 12:43:25 EDT
rkhunter-1.4.2-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.fc19
Comment 7 Fedora Update System 2014-03-14 12:52:51 EDT
rkhunter-1.4.2-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.el6
Comment 8 Fedora Update System 2014-03-15 11:01:30 EDT
rkhunter-1.4.2-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2014-03-30 14:47:13 EDT
rkhunter-1.4.2-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2014-10-27 11:57:46 EDT
rkhunter-1.4.2-5.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-5.fc19
Comment 11 Fedora Update System 2014-11-06 21:39:58 EST
rkhunter-1.4.2-5.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.