oops! forgot to copy the list ---------- Forwarded message ---------- From: Jonny Kent <[email protected]> Date: Wed, Aug 11, 2010 at 1:57 PM Subject: Re: [Rkhunter-users] error: awk required for rkhunter but awk is present To: John Horne <[email protected]>
see comments interspersed below: On Wed, Aug 11, 2010 at 1:21 PM, John Horne <[email protected]>wrote: > On Wed, 2010-08-11 at 12:41 -0700, Jonny Kent wrote: > > > > > But that aside as it is not the point, the real point is that there > > seems to be a bug in that I should be able to say to not check any of > > those directories and rkhunter shiould still at least run, even with > > BINDIR="" > > > RKH will run if BINDIR is "", and that is the default provided (i.e. > BINDIR is undefined). What happens then is that RKH uses the root PATH > to locate where commands are. > elsewhere in rkhunter.conf it says #... A trusted path directory is one which # rkhunter uses to locate commands. It is composed of the root PATH # environment variable, and the BINDIR command-line or configuration # file option. and for BINDIR it says # Specify the command directories to be checked. This is a # space-separated list of directories. If I say I only want to check /usr/sbin it seems to me that rkhunter should still find awk from the root PATH I just tested and it works fine with BINDIR="" or with BINDIR commented out altogether but not with BINDIR="/usr/sbin" that does not gel with the description. if BINDIR overrides root PATH that should be said at least in order to avoid discussions like this<grin> OTOH it seems to me that if I want to check only /usr/sbin that right now I cannot, leaving aside the why would I want to do that. Right now if I set BINDIR="/usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec" rkhunter errors out as described to me that talks like a bug and walks like a bug but your mileage may vary and I won't beat the dead budgy on the counter any further <grin> > The BINDIR option is provided to allow you to add in additional > directories if necessary (Sun systems are a good one for that, although > RKH will automatically add some in), or allow you to re-order the > directory paths so that certain commands are found before others of the > same name (again Sun are a good example of this - using /usr/xpg4 > or /opt/bin before the main command directories). > OK now said to be "additional" directories hmmm seems like BINDIR is instead making it the "only" directory... and unless awk happens to be in that additional directory rkhunter won't run. > > > > > Note that says "command directories to be checked"...however if I > > add /bin to that > > BINDIR="/bin /usr/sbin" > > it works again. It seems like a bug to me that if I want to check only > > say /usr/local/libexec then that breaks rkhunter. > > rkhunter should not IMO be using that setting to determine where awk > > is. > > > This is how RKH works, and what it is designed to do. It will check > certain commands and locate them using BINDIR (or PATH). You have no > control over that other than as described above. Why would you not what > RKH to check commands? Since that is not the only thing that rkhunter does I might want only to do other things that rkhunter does. Say for instance when first using rkhunter and wanting to build it up a bit at a time, step by step. > That is what it does. If you really want to > specify exactly should be checked, and what shouldn't, then maybe > something like Aide or Tripwire would be more suitable. > > > > > John. > > > Thanks for your help.
------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
