#30 [PATCH]: use RPM metadata even if no entry in rkhunter.dat

rkhunter (35)
Jan Iven

If one "vital" binary (i.e. on of those checked explicitly for
attributes etc) is added later to a machine without running --propupd,
rkhunter just warns about the file (and will not use e.g. RPM data to
verify that the file is correct). This patch simply substitutes
dummy "rkhunter.dat" information in the case that RPM metadata will be
used anyway. This dummy data will not get used at all, but enables the
per-file checks later on.


  • unSpawn

    unSpawn - 2009-08-27

    The file warning is to indicate that a file *has* been added/removed. RKH expects the majority of its users would want to know if something changed on the system rather than just assume it is okay by allowing the pkgmgr to provide data. The test of a file is not just of its properties but whether it exists or not compared to whether it existed or not previously. As such we cannot accept the patch.

  • unSpawn

    unSpawn - 2009-08-27
    • labels: --> rkhunter
    • milestone: --> main
    • assigned_to: nobody --> jhorne
    • status: open --> closed-rejected

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks