Dear all, I get another set of 'ugly' error messages at my daily runs of rkhunter on OpenBSD; due to some shell/ksh confusion of the ksh on OpenBSD. I have been able to limit it down to the 'update' part, and especially to this passage:
> + do_update > > ESC[1;33mChecking rkhunter data files...ESC[0;39m > Checking file mirrors.datESC[34C[ ESC[1;32mNo updateESC[0;39m ] > Checking file programs_bad.datESC[29C[ ESC[1;32mNo updateESC[0;39m ] > Checking file backdoorports.datESC[28C[ ESC[1;32mNo updateESC[0;39m ] > Checking file suspscan.datESC[33C[ ESC[1;32mNo updateESC[0;39m ] > rkhunter[15368]: [: file: unexpected operator/operand > Checking file i18n/cnESC[38C[ ESC[1;32mNo updateESC[0;39m ] > rkhunter[15368]: [: file: unexpected operator/operand > Checking file i18n/deESC[38C[ ESC[1;32mNo updateESC[0;39m ] > Checking file i18n/enESC[38C[ ESC[1;32mNo updateESC[0;39m ] > Checking file i18n/zhESC[38C[ ESC[1;32mNo updateESC[0;39m ] > rkhunter[15368]: [: file: unexpected operator/operand > Checking file i18n/zh.utf8ESC[33C[ ESC[1;32mNo updateESC[0;39m ] > + test 0 -eq 1 > + test 0 -eq 1 -o 0 -eq 1 The details are found here: Some earlier expression must have gone wrong, so that some message string gets evaluated. (On demand, I can make the whole lot available, of course.): > + LINE1=Latest version: $1 > + [ -z Latest version: $1 ] > + print Latest version: $1 > + sed -e s/`/\\`/g > + LINE1=Latest version: $1 > + test -n Latest version: $1 > + eval echo "Latest version: $1" | sed -e 's/;/\;/g' > + print Latest version: 2009091601 > + sed -e s/;/\;/g > + LINE1=Latest version: 2009091601 > + [ 1 -eq 1 ] > + date +[%H:%M:%S] > + LOGLINE1=[10:10:58] > + test 0 -gt 0 -o 0 -eq 1 > + [ -n Info ] > + LOGLINE1=[10:10:58] Info: Latest version: 2009091601 > + [ 0 -eq 1 -a 0 -gt 0 ] > + [ -n ] > + [ 0 -eq 1 -a -n ] > + [ 0 -eq 1 ] > + [ 1 -eq 1 ] > + print -- [10:10:58] Info: Latest version: 2009091601 > + >> /var/log/rkhunter.log > + [ 0 -eq 1 ] > + print [10:10:58] Info: Latest version: 2009091601 > + grep ^\[[0-9][0-9]:[0-9][0-9]:[0-9][0-9]\] > + [ 0 -eq 1 -a -n ] > + test 0 -eq 1 -a 0 -eq 1 > + return > + [ Binary file /var/lib/rkhunter/db/i18n/cn matches -lt 2009091601 ] > /usr/local/bin/rkhunter[15368]: [: file: unexpected operator/operand > + display --to SCREEN+LOG --type PLAIN --screen-indent 2 --color GREEN > --result NO_UPD UPDATE_CHECKING_FILE i18n/cn > + WARN_MSG=0 > + NL=0 I am not sure, but it could have been mis-evaluated here: > + print cn:2009091601 > + cut -d: -f2 > + LATEST_VERS=2009091601 > + [ -n ] > + [ -s /var/lib/rkhunter/db/i18n/cn ] > + tail -1 > + grep ^[Vv]ersion:[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]$ > /var/lib/rkhunter/db/i18n/cn > + 2> /dev/null > + cut -d: -f2 > + PROG_VERS=Binary file /var/lib/rkhunter/db/i18n/cn matches > + [ -z Binary file /var/lib/rkhunter/db/i18n/cn matches ] > + display --to LOG --type INFO VERSIONCHECK_CURRENT Binary file > /var/lib/rkhunter/db/i18n/cn matches The PROG_VERS is a strange string. Uwe ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
