Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#38 Support for OSF1 (HP Tru64)

main
closed-fixed
John Horne
5
2009-06-21
2009-04-14
daddyvu
No

Can you add support for Tru64 (OSF1) for both installation and execution of rkhunter? Right now, the script add a "-e" in front of each commands during installation and execution. Can I simply add OSF1 to the list of OPERATING_SYSTEM? For example:
# ./rkhunter --check
-e [ Rootkit Hunter version 1.3.4 ]
-e Checking system commands...

Also, I'd like to install rkhunter on a clustered. What option besides custom-installing rkhunter on two separate locations for each member. It would be nice if I can install in one location and invoke rkhunter with a location for the CONF file and the DB file.

Thanks.

Discussion

  • John Horne
    John Horne
    2009-04-20

    • milestone: --> main
    • assigned_to: nobody --> jhorne
     
  • John Horne
    John Horne
    2009-04-20

    Hi,

    Can you email me the output of the following commands on your Tru64 system please:

    1) 'uname'
    2) 'cat /etc/issue'
    3) ls -l '/etc/*release*'
    4) 'echo $SHELL' (when logged in as root)

    You can modify the installer and rkhunter use of OPERATING_SYSTEM if you are happy to do so (you will need the output of 'uname' to do that). Alternatively I can send you a copy of a new installer and rkhunter for Tru64 (but I will need the output of the above commands please).

    The final solution for the next release may well be different than just testing for Tru64, and hopefully will try and avoid this sort of problem for most systems.

    If you run 'rkhunter -h' you will see that there are command-line options in which you can specify the location of the configuration and database files. The database file location can also be specified in the configuration file (look for DBDIR).
    These should help you to be able to run RKH on a cluster.

    John.

     
  • daddyvu
    daddyvu
    2009-04-21

    John,

    Here are the output of the commands you requested:

    # uname
    OSF1
    # cat /etc/issue
    cat: cannot open /etc/issue
    # ls -l '/etc/*release*'
    ls: /etc/*release* not found
    # ls /etc/*release*
    No match.
    # echo $SHELL
    /bin/csh

    I have tried to add OSF1 to the OPERATING_SYSTEM in install.sh and rkhunter and ran each with the Korn shell (e.g., ksh installer.sh) and got "clean" execution, but just wanted to confirm with you that there is nothing platform specific that I may have missed by doing so.

    I will try to play with the rkhunter switches (e.g., --dbdir) in a cluster environment. Didn't think about the -h switch -- rookie mistake :-)

    Thanks for your help!

     
  • daddyvu
    daddyvu
    2009-04-21

    John,

    Just wanted to let you know that we can use the mkcdsl command to "copy the existing file or directory to a member-specific area on all members." So after the rkhunter install, I only need to run this command "mkdir /var/lib/rkhunter" (and nothing else) to have separate working directories for both members. That is the following directories/links will be created:

    /var/cluster/members/member1/lib/rkhunter (with the db and tmp sub-dirs)
    and
    /var/cluster/members/member2/lib/rkhunter

    And I can run rkhunter as normal, without specifying any command-line switches, on a cluster environment.

    Regards!

     
  • daddyvu
    daddyvu
    2009-05-04

    John,

    Any update on the new installer.sh/rkhunter to support HPTru64 (OSF1)?

    Thanks,
    Khanh

     
  • John Horne
    John Horne
    2009-05-08

    Sorry, no change yet. I'm really busy at work at the moment. However, I hope to get something started this weekend.

     
  • John Horne
    John Horne
    2009-06-21

    • status: open --> closed-fixed
     
  • John Horne
    John Horne
    2009-06-21

    Closing call - heard no more about this.