On Wed, 2010-08-11 at 14:58 -0700, Jonny Kent wrote:

> 
> elsewhere in rkhunter.conf it says 
> #... A trusted path directory is one which
> # rkhunter uses to locate commands. It is composed of the root PATH
> # environment variable, and the BINDIR command-line or configuration
> # file option.
> 
That only applies for the PORT_WHITELIST option. It is special
processing which allows both PATH and BINDIR in that instance.

> and for BINDIR it says 
>  # Specify the command directories to be checked. This is a
> # space-separated list of directories.
> 
> 
> If I say I only want to check /usr/sbin it seems to me that rkhunter
> should still find awk from the root PATH
>
Okay, I see what you are saying (I think). Commands that are to be run
in order for RKH to execute (such as awk) should be found via PATH, but
commands to be checked should be found from BINDIR. I suspect most
people leave BINDIR unset, and as such BINDIR then becomes the same as
PATH.

I think this is more of a feature request than a bug, although I will
look to add some more wording to BINDIR in the config file to try and
explain more clearly what it (currently) does.

I will need to think about this to see how it is going to affect
previous behaviour, and how it may be incorporated into RKH.

In your instance of setting 'BINDIR=/usr/local/libexec' are you
expecting RKH to check:
a) all the commands in /usr/local/libexec;
b) only the specific commands it looks for (for checking) and finds
   in /usr/local/libexec;
c) BINDIR first and then PATH for the specific commands it looks for
   (for checking).

Actually option 'a' can be achieved by setting
USER_FILEPROP_FILES_DIRS="/usr/local/libexec/*" although other
directories will be searched as well.
Option 'b' can be achieved by setting
USER_FILEPROP_FILES_DIRS="/usr/local/libexec", again other directories
will be searched.




John.

-- 
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001
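
Added example, not part of the original message and not rkhunter's own code: a small shell model of the three readings of BINDIR listed above as options a, b and c, run against a constructed directory tree. All function names, the sample tree and the `wanted` command list are hypothetical.

```shell
#!/bin/sh
# Model of options a, b and c from the message above. Not rkhunter code:
# every function name and the sample tree are hypothetical/constructed.

# Print the first "$dir/$cmd" that exists, scanning dirs in order.
first_match() {                      # $1 = command, $2 = space-separated dirs
    for d in $2; do
        if [ -f "$d/$1" ]; then printf '%s\n' "$d/$1"; return 0; fi
    done
    return 1
}

# a) every file in the BINDIR directories
select_all() {                       # $1 = BINDIR
    for d in $1; do
        for f in "$d"/*; do
            if [ -f "$f" ]; then printf '%s\n' "$f"; fi
        done
    done
}

# b) only the commands looked for, and only where BINDIR holds them
select_bindir_only() {               # $1 = BINDIR, $2 = commands
    for c in $2; do first_match "$c" "$1" || true; done
}

# c) BINDIR first, then PATH, for the commands looked for
select_bindir_then_path() {          # $1 = BINDIR, $2 = commands, $3 = PATH
    for c in $2; do
        first_match "$c" "$1 $(printf '%s' "$3" | tr ':' ' ')" || true
    done
}

# Constructed sample tree: one "libexec" directory and one PATH directory.
make_sample_tree() {                 # prints the temporary root
    root=$(mktemp -d) || return 1
    mkdir -p "$root/libexec" "$root/bin"
    : > "$root/libexec/helper"; : > "$root/libexec/ps"
    : > "$root/bin/ps"; : > "$root/bin/awk"
    printf '%s\n' "$root"
}

root=$(make_sample_tree)
wanted="ps awk"                      # hypothetical list of commands to check
echo "a:"; select_all "$root/libexec"
echo "b:"; select_bindir_only "$root/libexec" "$wanted"
echo "c:"; select_bindir_then_path "$root/libexec" "$wanted" "$root/bin"
rm -rf "$root"
```

In the sample tree, only option c reaches `awk`, because it exists in the PATH directory but not in the BINDIR directory.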

