On Sun, 02 Feb 2014 20:27:43 -0500, William wrote: > Michael asks: > > > Could you give an example showing the queries you've performed? > > > > "whereis" looks for files available on the file-system in various paths. > > "rpm" only covers files included in installed RPM packages as tracked by > > the local RPM database. > > I'll show rkhunter log entries, "rpm -V" output, and "whereis" output > for 6 packages... > Here are 6 of the messages from the rkhunter log: > [18:55:34] Info: The command 'rpm -qf --queryformat... > /usr/sbin/chkconfig' gave error code 1.
Here you would need to find out the exact query options. The log output is not useful, but the rkhunter shell script tells what has happened when it prints this. The previous rpm query has succeeded, and it tried to query the RPM database for file attributes and checksums. For someone who can reproduce the log message, it should be an easy task to examine the issue. > Here's the rpm -V output for those same 6 packages: > bash.11[~]: rpm -V chkconfig > bash.12[~]: rpm -V fuser > package fuser is not installed That's a wrong query. /usr/sbin/fuser is not included in package "fuser" but "psmisc". You can use the "-qf" query to return the package a file is included in: # rpm -qf /usr/sbin/fuser psmisc-22.20-3.fc20.x86_64 # rpm -V -qf /usr/sbin/fuser # > bash.13[~]: rpm -V ifconfig > package ifconfig is not installed > bash.14[~]: rpm -V route > package route is not installed > bash.15[~]: rpm -V rsyslogd > package rsyslogd is not installed > bash.16[~]: > bash.32[~]: rpm -V mail > package mail is not installed Same here. > Here's the whereis output for those same 6 packages: > bash.16[~]: whereis chkconfig > chkconfig: /usr/sbin/chkconfig /etc/chkconfig.d > /usr/share/man/man8/chkconfig.8.gz What does that tell in your opinion? "whereis" doesn't examine the RPM database. If you give "rpm" the path to the program, a query would work like this: # rpm -qf $(which chkconfig) chkconfig-1.3.60-4.fc20.x86_64 -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
