Hi, On Thursday, 21 January 2021 20:24:14 GMT home user wrote: > I just finished doing my weekly patches for my F32 workstation. The > sequence (done as root): > 1. rkhunter --check > (clean) > 2. dnf --refresh upgrade dnf > (nothing to do) > 3. dnf upgrade > (no hint of trouble) > 4. reboot > (no hint of trouble) > 5. rkhunter --check > (trouble!) > > I put the rkhunter log file on the google drive; here is the link: > "https://drive.google.com/file/d/1asJQhjhffxOklGivzFLeKV5-gaEVCwYX/view?usp= > sharing". > The file properties checks warning are common after a weekly patching; > ignore those. > > The first warning of concern is line #1470: > "[12:33:02] Checking for file '/lib/libkeyutils.so.1.9' [ Warning ] > [12:33:02] Checking for file '/lib64/libkeyutils.so.1.9' [ Warning ] > [12:33:02] Checking for file '/usr/lib/libkeyutils.so.1.9' [ Warning ] > [12:33:02] Checking for file '/usr/lib64/libkeyutils.so.1.9' [ > Warning ]". > > The next is in line #1602: > "[12:33:08] Warning: Checking for possible rootkit files and directories > [ Warning ] > [12:33:08] Found file '/lib/libkeyutils.so.1.9'. Possible > rootkit: Sniffer component > [12:33:08] Found file '/lib64/libkeyutils.so.1.9'. Possible > rootkit: Sniffer component > [12:33:08] Found file '/usr/lib/libkeyutils.so.1.9'. Possible > rootkit: Sniffer component > [12:33:08] Found file '/usr/lib64/libkeyutils.so.1.9'. Possible > rootkit: Sniffer component".
<snip> > Are the warnings actual problems or false alarms? > If the problems are real, how do I fix? Re-installing is impractical. Nothing serious, the bug report can be found here and a new rkhunter is in updates-testing for F32/33/34 and fixes the warnings.. https://bugzilla.redhat.com/show_bug.cgi?id=1914662 Cheers Colin -- Fedora 33 _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
