On Sun, 2015-10-04 at 05:04 -0600, Mike Brown wrote:
>
> # portmaster -d security/rkhunter
> # rkhunter --propupd
> # rkhunter --update
> # rkhunter --enable filesystem --check
>
> Problem: The following warnings were produced in the log:
>
How did the check look on the screen? Did the output lines appear
correct or not?
> [04:04:55] Warning: Hidden directory found:
> ?[1m?[38;5;6m/etc/..?[39;49m?[m: cannot open
> `^[[1m^[[38;5;6m/etc/..^[[39;49m^[[m' (No such file or directory)
>
> 1. These warnings should not have been produced.
> . and .. in /usr and /etc should not be cause for concern.
>
> 2. When written to the log, the ANSI color codes should not be
> included.
>
Typically both of these do not occur.
Your debug info shows some problem going on, but I am a bit lost as to
why:
=============
+ [ -d /usr ]
+ egrep -v '/\.\.?$'
+ ls -1d /usr/. /usr/..
+ RKHTMPVAR='[1m[38;5;6m/usr/.[39;49m[m
[1m[38;5;6m/usr/..[39;49m[m'
=============
The lines of code here are:
============
if [ -d "${DIR}" ]; then
RKHTMPVAR=`ls -1d ${DIR}/.* 2>/dev/null | egrep -v '/\.\.?$'`
============
So on your BSD system running: ls -ld /usr/.* | egrep -v '/\.\.?$'
sets RKHTMPVAR to contain the colour codes. That really doesn't make
much sense. Can you run the 'ls -ld ... | egrep ...' command from a
terminal and see what happens? If that runs okay (it should produce no
output), then try running it and assigning the output to a variable -
that is, from a terminal run the RKHTMPVAR= command sequence above.
Then echo the $RKHTMPVAR variable to see what is shown. Again, if it
works correctly, then nothing but a blank line will be shown.
Thanks,
John.
--
----------------------------------------------------
John Horne Tel: +44 (0)1752 587287
Plymouth University, UK
------------------------------------------------------------------------------
_______________________________________________
Rkhunter-users mailing list
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
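
The debug trace in the message above shows escape sequences trailing each path, so the `$` anchor in `egrep -v '/\.\.?$'` no longer matches `.` and `..` and both entries pass through the filter. The following is an added example, not part of the original message or of rkhunter's code; the sample listings and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: why the '/\.\.?$' filter lets coloured ls output through.
# All sample listings are constructed to resemble the debug trace above.

ESC=$(printf '\033')

# Constructed input: `ls -1d /usr/. /usr/..` with colour codes in the output.
coloured_ls() {
    printf '%s[1m%s[38;5;6m/usr/.%s[39;49m%s[m\n' "$ESC" "$ESC" "$ESC" "$ESC"
    printf '%s[1m%s[38;5;6m/usr/..%s[39;49m%s[m\n' "$ESC" "$ESC" "$ESC" "$ESC"
}

# Constructed input: the same listing without colour.
plain_ls() {
    printf '/usr/.\n/usr/..\n'
}

# The filter from the rkhunter lines quoted above (grep -E is egrep).
dot_filter() {
    grep -E -v '/\.\.?$'
}

# Remove SGR colour sequences (ESC [ params m) from a stream.
strip_sgr() {
    sed "s/${ESC}\[[0-9;]*m//g"
}

# Number of entries that survive the filter, i.e. that would be reported.
remaining_plain()    { plain_ls | dot_filter | wc -l | tr -d ' '; }
remaining_coloured() { coloured_ls | dot_filter | wc -l | tr -d ' '; }
remaining_stripped() { coloured_ls | strip_sgr | dot_filter | wc -l | tr -d ' '; }

# Live check: does this system's ls emit ESC bytes when writing to a pipe?
ls_colour_in_pipe() {
    ls -1d /usr/. /usr/.. 2>/dev/null | grep -q "$ESC"
}

echo "plain listing, entries left after filter:    $(remaining_plain)"
echo "coloured listing, entries left after filter: $(remaining_coloured)"
echo "coloured then stripped, entries left:        $(remaining_stripped)"
if ls_colour_in_pipe; then
    echo "local ls writes colour codes into a pipe"
else
    echo "local ls output in a pipe is plain"
fi
```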