On Feb 16, 2008 10:53 PM, John Horne <[EMAIL PROTECTED]> wrote: > On Sat, 2008-02-16 at 15:55 +0100, Colin Brace wrote: > > > > OK, I unmounted /dev/fd. rkhunter then runs fine. > > > > The one thing I notice though is that rkh didn't explicitly check the > > log files mentioned in the error messages I was getting. Do you have > > any idea why with fdesc enabled it is suddenly looking in /var/log? > > > I don't understand this bit. I saw nothing in the original message about > RKH looking in /var/log for anything.
On the basis of the error messages I see, rkh *appears* to be searching /dev/fd# for log files, i.e., the contents of /var/log. Here is a small sample of what I see: find: /dev/fd/3/mount.yesterday: No such file or directory find: /dev/fd/3/setuid.today: No such file or directory find: /dev/fd/3/pf.today: No such file or directory find: /dev/fd/3/dmesg.today: No such file or directory find: /dev/fd/3/wtmp.0: No such file or directory find: /dev/fd/3/messages.2.bz2: No such file or directory find: /dev/fd/3/debug.log.1.bz2: No such file or directory find: /dev/fd/3/maillog.1.bz2: No such file or directory find: /dev/fd/3/messages.3.bz2: No such file or directory find: /dev/fd/3/dmesg.yesterday: No such file or directory find: /dev/fd/3/debug.log.2.bz2: No such file or directory [...] find: /dev/fd/4/dmesg.yesterday: No such file or directory find: /dev/fd/4/debug.log.2.bz2: No such file or directory find: /dev/fd/4/maillog.3.bz2: No such file or directory find: /dev/fd/4/messages.1.bz2: No such file or directory find: /dev/fd/4/debug.log.3.bz2: No such file or directory find: /dev/fd/4/maillog.2.bz2: No such file or directory find: /dev/fd/4/debug.log.4.bz2: No such file or directory [...] And at the end: find: /dev/fd/4: No such file or directory find: /dev/fd/5: Bad file descriptor With fdesc enabled, I get about 350 lines of error messages like those above. -- Colin Brace Amsterdam http://lim.nl ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
