If one "vital" binary (i.e. on of those checked explicitly for
attributes etc) is added later to a machine without running --propupd,
rkhunter just warns about the file (and will not use e.g. RPM data to
verify that the file is correct). This patch simply substitutes
dummy "rkhunter.dat" information in the case that RPM metadata will be
used anyway. This dummy data will not get used at all, but enables the
per-file checks later on.
Log in to post a comment.