package rkhunter severity 657103 important thanks Le mardi 24 janv. 2012 à 02:38:05 (+0100 CET), Jesse Molina a écrit : > Package: rkhunter > Version: 1.3.8-10 > Severity: grave > Justification: renders package unusable
Lowering the severity as it seems the package is unusable only in specific circumstances. > When doing "sudo rkhunter --propupd", error; > Invalid BINDIR configuration option: Invalid directory found: ~/bin > > Both the user and root user have ~/bin in their $PATH, which seems to trigger > the issue. > > Note that; > > -->egrep "^BINDIR" /etc/rkhunter.conf > BINDIR="/bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin > /usr/libexec /usr/local/libexec" > > But, it complains and fails anyway. This indeed shouldn't happen as $PATH should only be used when BINDIR configuration option doesn't exist. What is your default shell? I'm surprised it leaves ~/bin in $PATH - it should be automagically changed to an absolute path. % grep PATH ~/.zshrc ## PATH definition [ -d ~/scripts ] && PATH=$PATH:~/scripts [ -d ~/bin ] && PATH=$PATH:~/bin % echo $PATH /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/home/julien/scripts:/home/julien/bin rkhunter then complains as it only accepts bin directories beginning with / to avoid any relative paths being used. > Additional opinionated dribble: At this point, the package, which offers > limited value to me anyway, becomes too much trouble to be worth > configuring so I'll just not deal with it. If the designer wishes for a > security package like this to be effective, it needs to be useful in it's > default configuration so that minimal manual intervention is required to > do the job. Very hard to make a default configuration for every possible system while keeping everything as secure as possible - just as with any other piece of software, you have to spend some time to configure it. If you want to help in improving the Debian package, you are welcome to join the pkg-forensics team. Upstream also welcomes patches. Cheers, Julien -- .''`. Julien Valroff ~ <jul...@kirya.net> ~ <jul...@debian.org> : :' : Debian Developer & Free software contributor `. `'` http://www.kirya.net/ `- 4096R/ E1D8 5796 8214 4687 E416 948C 859F EF67 258E 26B1 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
