#40 Friendlier version mismatch error handling

main
open
nobody
None
5
2014-05-04
2014-03-23
No

The day after rkhunter 1.4.2 was released, I got a really
opaque and somewhat scary email message from cron:

"Error: Invalid display - keyword cannot be found: Display line: display --to LOG --type INFO NETWORK_PROMISC_NO_IP"

It took some digging to realize this basically just meant:

"Error: Unable to find the 'en' translation for the NETWORK_PROMISC_NO_IP
message, with priority INFO. Perhaps you need to upgrade rkhunter,
and/or run rkhunter --update."

And that this was apparently caused by the removal of
NETWORK_PROMISC_NO_IP from the auto-updated DB file to correspond
to the not-auto-upgraded version of rkhunter that was just
released.

This prompts me to make some possible suggestions to make
the upgrade situation a little more user friendly in the future:

  1. Include a versioning scheme with the files that are updated
    by rkhunter --update. rkhunter should issue a version warning
    if the version(s) in the file are not supported (too new
    or too old). Perhaps just a single version (simplest), or to
    allow for multiple supported versions, the version data in the
    files could be a list of acceptable versions of rkhunter,
    or something else (e.g. distinguish major vs minor parts of
    version number...)

  2. Improve the missing-translation error message. See one
    suggestion above. Also consider maybe outputting it the same way
    as a successful message output, instead of stderr where even an
    unimportant message will be forwarded by a cronjob that
    is not expected to send anything except on a compromised
    machine...

  3. Perhaps next time a translation phrase becomes obsolete, it
    might be handy to wait at least a few days after a new release
    before removing it from the auto-updated i18n file? Give
    distributions some time to package up the new version, and
    system administrators time to install it...

Discussion

  • unSpawn

    unSpawn - 2014-04-18

    No argument from me, valid points indeed. Are you interested in backing your suggestions up with code? Would be appreciated.

     
  • Matthew M. Ogilvie

    Attachment 0001-clarify...: Try to make the error message for a missing i18n message more comprehensible for someone who hasn't studied rkhunter enough to know that "display" is the internal function name for displaying i18n messages.

     
  • Matthew M. Ogilvie

    Attachment 0002-auto-check: Automatically check for consistency of rkhunter with db files. Will require including (and managing) the new file (supported_versions.dat) in the mirror site.

    Also:
    * I'm not sure about best logging levels for "not the latest version" and "totally not supported" cases, but this should provide a framework to detect those cases, at least.
    * This is doing something sort-of similar to the --versioncheck command line option, automatically. Except this just uses whatever the local supported_versions.dat file is, instead of temporarily auto-downloading the latest version of rkhunter.vc. Not sure if --versioncheck should be adjusted in some way; I just left it as-is.

     

    Last edit: Matthew M. Ogilvie 2014-05-04
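
One way to implement the consistency check proposed in suggestion 1 and in the 0002-auto-check comment, as an added example that is not the attachment's code or rkhunter's own. The list format (one supported version per line, `#` for comments) and the function names `ver_lt` and `check_supported` are assumptions.

```shell
# Added example. Assumed list format: one supported rkhunter version per
# line, '#' starts a comment. Function names are hypothetical.

# True (0) if dotted numeric version $1 is strictly lower than $2.
ver_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$a" = "$x" ]; then a=; else a=${a#*.}; fi
        if [ "$b" = "$y" ]; then b=; else b=${b#*.}; fi
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
    done
    return 1
}

# Classify program version $1 against list file $2.
# Prints one of: ok | too_old | too_new | unlisted | no_data
check_supported() {
    prog_ver=$1 list_file=$2
    case $prog_ver in ''|*[!0-9.]*) echo unlisted; return 0 ;; esac
    [ -r "$list_file" ] || { echo no_data; return 0; }
    lo= hi= found=no
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')  # drop comments, blanks
        case $line in ''|*[!0-9.]*) continue ;; esac       # skip malformed entries
        [ "$line" = "$prog_ver" ] && found=yes
        if [ -z "$lo" ] || ver_lt "$line" "$lo"; then lo=$line; fi
        if [ -z "$hi" ] || ver_lt "$hi" "$line"; then hi=$line; fi
    done < "$list_file"
    if [ -z "$lo" ]; then echo no_data
    elif [ "$found" = yes ]; then echo ok
    elif ver_lt "$prog_ver" "$lo"; then echo too_old
    elif ver_lt "$hi" "$prog_ver"; then echo too_new
    else echo unlisted
    fi
}

# Constructed sample list, written to a temp file so the demo runs offline.
sample=$(mktemp)
printf '%s\n' '# versions these data files support' 1.4.0 1.4.2 > "$sample"
for v in 1.3.8 1.4.0 1.4.1 1.4.4; do
    echo "rkhunter $v: $(check_supported "$v" "$sample")"
done
rm -f "$sample"
```

The `too_old` and `too_new` results map onto the "too new or too old" warning from suggestion 1; `unlisted` covers a version that falls between listed ones.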
