Threaded Mode | Linear Mode

aseques · 08-14-2008 07:54 PM

Hi, I saw that this problem appears in ubuntu 8.04 (probably lenny too) after a fresh install (at least in my case)
There are two different problems:
The first is that in the 1.3.x versions of rkhunter the options --scan-knownbad-files and --check-deleted are no longer supported, so the checks doesn't start.

The second is the message telling me that rkhunter.log doesn't exist, I looked at this:
The file is in the cron

Code:

0       */12    *       *       *       root /usr/bin/rkhunter --scan-knownbad-files --check-deleted --cronjob --createlogfile /var/log/rkhunter.log >/dev/null 2>&1

The permissions of the created log seem to be fine

Code:

# ls -l /var/log/rkhunter.log

-rw------- 1 root root 74991 2008-08-14 06:45 rkhunter.log

The openbasedir for master seems ok too

Code:

open_basedir = "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"

Cheers!

kilburn · 08-14-2008 08:45 PM

Quote:The permissions of the created log seem to be fine

Code:

# ls -l /var/log/rkhunter.log -rw------- 1 root root 74991 2008-08-14 06:45 rkhunter.log

Wrong. Since the panel gui runs as vu2000:vu2000, you need to change permissions to:

Code:

# ls -l /var/log/rkhunter.log

-rw-r----- 1 root vu2000 74991 2008-08-14 06:45 rkhunter.log

aseques · 08-15-2008 12:05 AM

Ok, changed ...
It would be nicer if it could be changed without having to chgrp or chmod the files by hand (haven't find the solution in the man so far)

About the two deprecated command, something should be done, since without removing those flags, the scanner won't start.

Regards

***RatS*** · 08-16-2008 10:51 PM

added in setup

aseques · 08-18-2008 05:36 PM

RatS Wrote:added in setup

Cool !

Threaded Mode \| Linear Mode Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" [Solved]
Author	Message