[Rkhunter-users] RFE: no warning for tcb enabled system
Brought to you by:
dogsbody
From: Dick G. <dvg...@xs...> - 2008-05-25 10:43:40
|
Hello, For increased security I enabled tcb - the alternative to shadow For reference: http://www.openwall.com/tcb/ http://www.builderau.com.au/program/linux/soa/Migrating-from-shadow-passwords-to-tcb-in-Linux/0,339028299,339269540,00.htm http://freshmeat.net/projects/tcb-adduser/ Since this was implemented I get an rkhunter warning that seems not appropriate: rkhunter -c -sk: ... Checking for passwordless accounts [ Warning ] ... rkhunter.log: ... [10:34:46] Checking for passwordless accounts [ Warning ] [10:34:46] Warning: No shadow/password file found. ... This is due to the fact that the one /etc/shadow file has been replaced by separate /etc/tcb/<user>/shadow files I would like to propose that in some future version rkh is enhanced to check -- in case /etc/shadow is absent -- the correctness of the separate shadow files instead. Thanks v.m. for your time. I shall gladly post a bugreport for this if you prefer. Ciao, =Dick Gevers= |