Bug#632599: rkhunter: Unknown configuration file option:

Kingsley G. Morse Jr. kingsley at loaner.com
Sun Jul 3 23:09:37 UTC 2011 

Package: rkhunter
Version: 1.3.8-6
Severity: normal


Hi Julien,

Thanks again for maintaining rkhunter.

Humble suggestion:

Improve the "-C' command line option (for checking
the configuration file) to allow leading spaces
before options in /etc/rkhunter.conf,
like the examples documented in it.

When I uncommented the example option for
RTKT_FILE_WHITELIST in /etc/rkhunter.conf

    '#     RTKT_FILE_WHITELIST="/etc/rc.local:hdparm"'

so that it is still indented with leading spaces,
like

    '     RTKT_FILE_WHITELIST="/etc/rc.local:hdparm"'

and I ran rkhunter with the "-C' option to check
the configuration file

    $ rkhunter -C

it complained with 

    Unknown configuration file option:      RTKT_FILE_WHITELIST="/etc/rc.local:hdparm"

The end user can work around this by left
justifying the RTKT_FILE_WHITELIST option in
/etc/rkhunter.conf, like
    
     'RTKT_FILE_WHITELIST="/etc/rc.local:hdparm"'

However, it seems to me that the examples
documented in the configuration file should work with the
"-C' command line option.

Thanks,
Kingsley

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages rkhunter depends on:
ii  binutils                     2.20.1-15   The GNU assembler, linker and bina
ii  debconf [debconf-2.0]        1.5.32      Debian configuration management sy
ii  file                         4.12-1      Determines file type using "magic"
ii  net-tools                    1.60-4      The NET-3 networking toolkit
ii  perl                         5.12.3-7+b1 Larry Wall's Practical Extraction 
ii  ucf                          3.0018      Update Configuration File: preserv

Versions of packages rkhunter recommends:
ii  curl                          7.15.5-1   Get a file from an HTTP, HTTPS, FT
ii  elinks [links]                0.4.2.99-1 Character mode WWW/FTP browser
ii  exim4-daemon-light [mail-tran 4.76-2     lightweight Exim MTA (v4) daemon
ii  iproute                       20080725-2 networking and traffic control too
ii  links                         0.99-1     Character mode WWW browser
ii  lsof                          4.64-1     List open files.
ii  lynx                          2.8.5-1    Text-mode WWW Browser
ii  unhide                        20110113-2 Forensic tool to find hidden proce
ii  unhide.rb                     12-3       Forensic tool to find processes hi
ii  wget                          1.11.4-2   retrieves files from the web

Versions of packages rkhunter suggests:
ii  libdigest-sha1-perl      2.13-1+b1       NIST SHA-1 message digest algorith
pn  libdigest-whirlpool-perl <none>          (no description available)
ii  liburi-perl              1.37+dfsg-1     Manipulates and accesses URI strin
ii  libwww-perl              5.803-4         WWW client/server library for Perl
ii  mailutils [mailx]        1:1.1+dfsg1-3.1 GNU mailutils utilities for handli
pn  powermgmt-base           <none>          (no description available)
pn  tripwire                 <none>          (no description available)

-- Configuration Files:
/etc/rkhunter.conf changed [not included]

-- debconf information excluded

More information about the forensics-devel mailing list