Hallo, John, Du (john.horne) meintest am 23.10.07:
>> since upgrading RKHunter to the current version 1.3.0 i got multiple >> new warning messages on my FreeBSD box. >> Warning: No local startup files found. >> >> -> Why is this resulting in a warning if no local startup file was >> -> found? >> > In this case the check is for the file used for local startup > modifications. Typically something like /etc/rc.d/rc.local or > rc.sysinit. Again, having no such file is suspicious. Can you do some tricks with "OS_VERSION_FILE"? http://arktur.de/Wiki/Entwicklung:UIDGID#Kennungen http://arktur.shuttle.de/beta/Paketbau.shtml#init I have no informations about the BSD names and locations, but perhaps I (or someone else) could find them in packets which fit for many distributions, p.e. LTSP or apcupsd. By the way: I have built a slackwware tarball: http://arktur.shuttle.de/CD/5.0-slack/slack/n1/rkhunter-1.3.0-noarch-1hln.tgz > The value of 'PermitRootLogin' in the sshd_config must be exactly the > same as that in the rkhunter.conf file (the ALLOW_SSH_ROOT_USER > option). Since SSH defaults to 'yes', and RKH defaults to 'no', you > get a warning. You need to set the option in the sshd_config file to > some value suitable for your requirements, and then set > ALLOW_SSH_ROOT_USER to the same value in the rkhunter.conf file. (I > guess we should allow some setting for when the 'PermitRootLogin' is > unset.) But when RKH can find the actual value of "PermitRootLogin": why does it need an entry in "/etc/rkhunter.conf"? Viele Gruesse! Helmut ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
