Bug 828331 - check scan incorrectly handles file names with spaces
Summary: check scan incorrectly handles file names with spaces
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: rkhunter
Version: el6
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
Assignee: Kevin Fenzi
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-06-04 15:36 UTC by Tony Schreiner
Modified: 2014-11-07 02:39 UTC (History)
2 users (show)

Fixed In Version: rkhunter-1.4.2-5.fc19
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-03-15 15:01:30 UTC
Type: Bug


Attachments (Terms of Use)

Description Tony Schreiner 2012-06-04 15:36:22 UTC
Description of problem:
rkunter check complains with
Invalid ALLOWDEVFILE configuration option: Invalid pathname: (word)
when it encounters file names with spaces. In my case there are a few offending files:
/dev/.udev/db/drivers:Intel SCB2 BIOS Flash
/dev/.udev/db/platform:Fixed MDIO bus.0
/dev/.udev/db/drivers:Generic PHY

leading to the error messages
Invalid ALLOWDEVFILE configuration option: Invalid pathname: PHY
Invalid ALLOWDEVFILE configuration option: Invalid pathname: SCB2
Invalid ALLOWDEVFILE configuration option: Invalid pathname: BIOS
Invalid ALLOWDEVFILE configuration option: Invalid pathname: Flash
Invalid ALLOWDEVFILE configuration option: Invalid pathname: MDIO
Invalid ALLOWDEVFILE configuration option: Invalid pathname: bus.0

rkhunter does not complete the scan

Version-Release number of selected component (if applicable):
1.4.0

How reproducible:
have removed rkhunter and reinstalled, and also rebooted system

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Kevin Fenzi 2012-06-04 22:25:42 UTC
This looks like a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=674245

This was supposed to be fixed in 1.4.x I thought, but perhaps not. 

What ALLOWDEVFILE directives do you have in /etc/rkhunter.conf ? 

Can you try: 

1. escaping the spaces with \ 
2. Putting "s around the entire path
3. Using %20 instead of space.
4. Use a wildcard (*) instead of the path part that has spaces.  

and see if any of those work?

Comment 2 Tony Schreiner 2012-06-05 14:04:27 UTC
I am using the default /etc/rkhunter.conf that came with the update.

These are all the ALLOWDEVFILE lines
#ALLOWDEVFILE="/dev/shm/pulse-shm-*"
#ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
ALLOWDEVFILE=/dev/shm/pulse-shm-*
ALLOWDEVFILE=/dev/md/md-device-map
ALLOWDEVFILE="/dev/shm/mono.*"
ALLOWDEVFILE="/dev/shm/libv4l-*"
ALLOWDEVFILE="/dev/shm/spice.*"
ALLOWDEVFILE=/dev/.mdadm.map
ALLOWDEVFILE=/dev/.udev/queue.bin
ALLOWDEVFILE=/dev/.udev/db/*
ALLOWDEVFILE=/dev/.udev/rules.d/99-root.rules

I have added quotes
ALLOWDEVFILE="/dev/.udev/db/*"

but the issue persists

Comment 3 Kevin Fenzi 2012-06-08 15:21:09 UTC
Would you be willing to report this upstream?

rkhunter-users@lists.sourceforge.net 

If not, I will try and do so...

Comment 4 Tony Schreiner 2012-06-08 19:02:15 UTC
Will do.

Comment 5 Fedora Update System 2014-03-14 16:41:04 UTC
rkhunter-1.4.2-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.fc20

Comment 6 Fedora Update System 2014-03-14 16:43:25 UTC
rkhunter-1.4.2-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.fc19

Comment 7 Fedora Update System 2014-03-14 16:52:51 UTC
rkhunter-1.4.2-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-1.el6

Comment 8 Fedora Update System 2014-03-15 15:01:30 UTC
rkhunter-1.4.2-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2014-03-30 18:47:13 UTC
rkhunter-1.4.2-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2014-10-27 15:57:46 UTC
rkhunter-1.4.2-5.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/rkhunter-1.4.2-5.fc19

Comment 11 Fedora Update System 2014-11-07 02:39:58 UTC
rkhunter-1.4.2-5.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.