On Monday 26 Jan 2015 22:53:53 Neil Bothwick wrote:
> On Mon, 26 Jan 2015 11:27:05 -0500, Alec Ten Harmsel wrote:
> > >> # grep Warning /var/log/rkhunter.log
> > >>
> > >> [03:10:32] Info: Emailing warnings to 'root' using command
> > >> '/bin/mail
> > >
> > > -s "[rkhunter] Warnings found for ${HOST_NAME}"'
> > >
> > >> [03:10:45] /bin/egrep
> > >> [ Warning ] [03:10:45] Warning: The command '/bin/egrep' has been
> > >> replaced by a
> > >
> > > script: /bin/egrep: POSIX shell script, ASCII text executable
> > >
> > >> [03:10:45] /bin/fgrep
> > >> [ Warning ] [03:10:45] Warning: The command '/bin/fgrep' has been
> > >> replaced by a
> > >
> > > script: /bin/fgrep: POSIX shell script, ASCII text executable
> > >
> > > Anyone know if this is due to something changing in Gentoo?
> >
> > Upstream changed egrep and fgrep from binaries to shell scripts.
>
> This happened a while ago on testing portage but the version with the
> change only hit stable at the weekend.
>
> You can tell rkhunter to ignore them.
>
> % grep grep /etc/rkhunter.conf.local
> SCRIPTWHITELIST=/bin/egrep
> SCRIPTWHITELIST=/bin/fgrepI've also been getting the same warning for: Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script, ASCII text executable Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: POSIX shell script, ASCII text executable Should I treat them the same? -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
