New to the list, I recently updated to rkhunter 1.4.0 with the rpm package from EPEL on CentOS 6
One one of my systems I'm now getting the errors: $ sudo rkhunter --check Invalid ALLOWDEVFILE configuration option: Invalid pathname: MDIO Invalid ALLOWDEVFILE configuration option: Invalid pathname: bus.0 Invalid ALLOWDEVFILE configuration option: Invalid pathname: PHY Invalid ALLOWDEVFILE configuration option: Invalid pathname: SCB2 Invalid ALLOWDEVFILE configuration option: Invalid pathname: BIOS Invalid ALLOWDEVFILE configuration option: Invalid pathname: Flash Invalid ALLOWDEVFILE configuration option: Invalid pathname: MDIO Invalid ALLOWDEVFILE configuration option: Invalid pathname: bus.0 The culprits are files in the /dev/.udev/db directory $ ls /dev/.udev/db | grep " " drivers:Generic PHY drivers:Intel SCB2 BIOS Flash platform:Fixed MDIO bus.0 I started with the default rkhunter.conf that installed with the update, that contains the line ALLOWDEVFILE=/dev/.udev/db/* I've tried adding quotes around the path, and also adding the lines ALLOWDEVFILE="/dev/.udev/db/platform:Generic PHY" ALLOWDEVFILE="/dev/.udev/db/platform:Intel SCB2 BIOS Flash" ALLOWDEVFILE="/dev/.udev/db/platform:Fixed MDIO bus.0" but I'm still getting the error Thank for any advice Tony Schreiner ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Rkhunter-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rkhunter-users
