On Sat, 31 Jan 2015 12:17:47 +0000, Mick wrote: > > You can tell rkhunter to ignore them. > > > > % grep grep /etc/rkhunter.conf.local > > SCRIPTWHITELIST=/bin/egrep > > SCRIPTWHITELIST=/bin/fgrep > > I've also been getting the same warning for: > > Warning: The command '/usr/bin/ldd' has been replaced by a script: > /usr/bin/ldd: Bourne-Again shell script, ASCII text executable > > Warning: The command '/usr/bin/whatis' has been replaced by a script: > /usr/bin/whatis: POSIX shell script, ASCII text executable > > Should I treat them the same?
I do, here's my full list of whitelisted scripts % grep SCRIPT /etc/rkhunter.conf.local SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/bin/whatis SCRIPTWHITELIST=/usr/bin/lwp-request SCRIPTWHITELIST=/bin/egrep SCRIPTWHITELIST=/bin/fgrep Check that the files are as installed by portage, using something like qcheck, before you whitelist anything. -- Neil Bothwick A wok is what you throw at a wabbit.
pgp2YDFHmx14X.pgp
Description: OpenPGP digital signature
