Package: chkrootkit Version: 0.44-2 Severity: wishlist Tags: patch
chkrootkit gives lots of false warnings, and it gets annoying receiving an email of false warnings every day. A quick fix is to make chkrootkit only send mail if its output has changed. Attached is a patch to do this. (You'll also have to "mkdir /var/lib/chkrootkit" as root.) -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-1-686-smp Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages chkrootkit depends on: ii binutils 2.15-5 The GNU assembler, linker and bina ii debconf 1.4.41 Debian configuration management sy ii libc6 2.3.2.ds1-19 GNU C Library: Shared libraries an ii net-tools 1.60-10 The NET-3 networking toolkit -- debconf information: * chkrootkit/run_daily: true * chkrootkit/run_daily_opts: -q
--- /etc/chkrootkit.conf.orig 2005-01-15 15:48:48.000000000 -0800 +++ /etc/chkrootkit.conf 2005-01-15 15:11:53.000000000 -0800 @@ -1,2 +1,3 @@ RUN_DAILY="true" RUN_DAILY_OPTS="-q" +SHOW_DIFFS="true" --- /etc/cron.daily/chkrootkit.orig 2005-01-15 15:48:35.000000000 -0800 +++ /etc/cron.daily/chkrootkit 2005-01-15 15:46:51.000000000 -0800 @@ -8,6 +8,23 @@ fi if [ "$RUN_DAILY" = "true" ]; then - chkrootkit $RUN_DAILY_OPTS + if [ "$SHOW_DIFFS" = "true" ]; then + chkrootkit $RUN_DAILY_OPTS > $LIB/log.new + if [ -f $LIB/log ]; then + if diff -u $LIB/log $LIB/log.new; then + : + else + echo + echo + echo Full chkrootkit output: + cat $LIB/log.new + fi + else + cat $LIB/log.new + fi + mv $LIB/log.new $LIB/log + else + chkrootkit $RUN_DAILY_OPTS + fi fi
