Package: rkhunter Version: 1.4.2-5 Severity: important
Hi. Since a while now (at least some months) I observe the behaviour that somehow the lock file of rkhunter doesn't get cleaned up correctly over and over again, and thus rkhunter e.g. hangs every time after upgrading packages when it tries to calculate new sums. I then typically resolve this manully (rkhunter --unlock), but shortly after (though I haven't been able to really reproduce this) it happens again... I'm observing this on different nodes (VMs, notebook, server) and it happens basically daily. When it happenes, then none of these systems had been shut down unclean, which could explain a stale log if rkhunter was just running then (e.g. the cron job or after aptitude),... so IMHO it must be some bug that happens during normal operation. I think this issue appeared first roughly at the time when aptitude started to get fresh development again, so maybe something has changed there, that least to the stale lock files. Perhaps other people suffer from this as well and have some ideas? Chris. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages rkhunter depends on: ii binutils 2.26-8 ii debconf [debconf-2.0] 1.5.59 ii file 1:5.25-2 ii lsof 4.89+dfsg-0.1 ii net-tools 1.60+git20150829.73cef8a-2 ii perl 5.22.1-10 ii ucf 3.0036 Versions of packages rkhunter recommends: ii bsd-mailx [mailx] 8.1.2-0.20160123cvs-2 ii curl 7.47.0-1 ii iproute2 4.3.0-1+b1 ii postfix [mail-transport-agent] 3.1.0-3 ii unhide 20130526-1 ii unhide.rb 22-2 ii wget 1.17.1-1+b1 Versions of packages rkhunter suggests: ii liburi-perl 1.71-1 ii libwww-perl 6.15-1 ii powermgmt-base 1.31+nmu1 -- Configuration Files: /etc/default/rkhunter changed: CRON_DAILY_RUN="true" CRON_DB_UPDATE="true" DB_UPDATE_EMAIL="true" REPORT_EMAIL="root" APT_AUTOGEN="true" NICE="10" RUN_CHECK_ON_BATTERY="true" /etc/logcheck/ignore.d.server/rkhunter [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/rkhunter' /etc/rkhunter.conf changed: ROTATE_MIRRORS=0 UPDATE_MIRRORS=0 MIRRORS_MODE=1 MAIL-ON-WARNING=root TMPDIR=/var/lib/rkhunter/tmp DBDIR=/var/lib/rkhunter/db SCRIPTDIR=/usr/share/rkhunter/scripts UPDATE_LANG=en LOGFILE=/var/log/rkhunter.log COPY_LOG_ON_ERROR=1 USE_SYSLOG=authpriv.warning AUTO_X_DETECT=1 WHITELISTED_IS_WHITE=1 ALLOW_SSH_ROOT_USER=no ALLOW_SSH_PROT_V1=0 ENABLE_TESTS=all DISABLE_TESTS=none HASH_CMD=sha512sum PKGMGR=NONE PKGMGR_NO_VRFY="" USE_SUNSUM=0 IGNORE_PRELINK_DEP_ERR="" USER_FILEPROP_FILES_DIRS=/etc/rkhunter.conf USER_FILEPROP_FILES_DIRS=/etc/rkhunter.conf.local EXCLUDE_USER_FILEPROP_FILES_DIRS="" EXISTWHITELIST="" ATTRWHITELIST="" WRITEWHITELIST="" SCRIPTWHITELIST=/bin/egrep SCRIPTWHITELIST=/bin/fgrep SCRIPTWHITELIST=/bin/which SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/bin/lwp-request SCRIPTWHITELIST=/usr/sbin/adduser SCRIPTWHITELIST=/usr/sbin/unhide.rb IMMUTWHITELIST="" ALLOWHIDDENDIR=/etc/.java ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz ALLOWPROCDELFILE=/bin/dash:/tmp/file* ALLOWPROCDELFILE=/bin/run-parts:/tmp/file* ALLOWPROCDELFILE=/usr/sbin/anacron:/tmp/file* ALLOWPROCLISTEN="" ALLOWPROMISCIF="" SCAN_MODE_DEV=THOROUGH ALLOWDEVFILE="" PHALANX2_DIRTEST=1 INETD_ALLOWED_SVC="" XINETD_ALLOWED_SVC="" UID0_ACCOUNTS="" PWDLESS_ACCOUNTS="" ALLOW_SYSLOG_REMOTE_LOGGING=0 APP_WHITELIST="" PORT_WHITELIST="" PORT_PATH_WHITELIST="" WARN_ON_OS_CHANGE=1 UPDT_ON_OS_CHANGE=0 RTKT_DIR_WHITELIST="" RTKT_FILE_WHITELIST="" SHARED_LIB_WHITELIST="" WEB_CMD=/bin/false USE_LOCKING=1 LOCK_TIMEOUT=600 UNHIDE_TESTS=-v -d -m brute sys procall reverse UNHIDETCP_OPTS=--verbose --fuser --lsof DISABLE_UNHIDE=0 INSTALLDIR=/usr SHOW_SUMMARY_WARNINGS_NUMBER=1 EMPTY_LOGFILES="" MISSING_LOGFILES="" -- debconf information: * rkhunter/cron_daily_run: true * rkhunter/apt_autogen: true * rkhunter/cron_db_update: true
