From: Michael Mansour <mic@np...> - 2008-02-22 23:45:31
I've just performed the update on one of my servers from 1.2.9 to 1.3.0 (using
the spec file to build the RPM).
So far there's this warning which is really not valid for rsyslog users:
[10:33:20] Checking for syslog configuration file [ Warning ]
[10:33:20] Warning: The syslog daemon is running, but no configuration file
can be found.
ie. the /etc/syslog.conf is not used in rsyslog, instead it's /etc/rsyslog.conf
I realise I may be able to whitelist this check in the rkhunter.conf file, but
as Fedora has already announced standardisation on rsyslog, meaning rsyslog
will also be default in RHEL eventually (and all it's derivatives), I think it
would be wise for this check to also check for /etc/rsyslog.conf and if
neither rsyslog.conf nor syslog.conf are found, and syslog is running, then
produce a warning?