Menu

propupd

propupd (2) update (1)
aus9

PROPUPD

rkhunter --propupd

Means update your system file properties. This is a necessary step to establish a foundation database file to compare scans. There is another command called --update which is not the same. On a clean install, the first run of propupd, creates a new database file. On later scans, running the propupd command, updates the database file. So, to update the database file, you are satisfied you have only trusted source system file changes. RKH offers choices, in the CONF, in how you verify system file changes. You can use your package manager and other resources to verify changes reported in the log file.

Note the RKH team do not maintain an independent properties database for each distro and their various releases. The properties database file is always maintained locally by you. On a default layout, after propupd is run, the file can be found at
/var/lib/rkhunter/db/rkhunter.dat

Please note that propupd now has a number of options. However, on a clean install, there should be only the full properties update option used.

See investigation and related pages and other ways of using propupd (on a non-clean) system here After clean install propupd options

There is a small delay before the command completes the creation of the initial database. You can not do this on a computer that has already been connected to a network already. Clean install is the necessary pre-condition before running propupd. Once the database has been created we can connect internet and run update

UPDATE

The update command requires net access. It is highly recommended that no net access is allowed until you have completed the PROPUPD command. So the correct order is propupd and then update commmands.

" # rkhunter --update

The update command looks for various data updates. These are not going to modify your properties database. They relate to other data files in a default layout under
/var/lib/rkhunter/db/
and are maintained by the RKH team. These updates tend to be infrequent. On a clean installation, you can expect some updates. Although database updates may be infrequent, I suggest you have a cronjob to check for updates as, for example, you may have out-of-date applications that will be found with (example) the update of programs_bad.dat file

Next Page

Home Page

MongoDB Logo MongoDB