Bug#740718: rkhunter: i18n db update of lang en keyword NETWORK_PROMISC_NO_IP missing
Hubert Krause
hubert.krause at inform-software.com
Tue Mar 4 11:38:44 UTC 2014
Package: rkhunter
Version: 1.4.0-1
Severity: minor
Dear Maintainer,
This weekend rkhunter automaticaly fetched an i18n upgrade for en and tw
from its mirrors (don't know wich mirror). This upgrade does remove the
keyword NETWORK_PROMISC_NO_IP from language file for en and tw.
This results in the error:
Error: Invalid display - keyword cannot be found: Display line: display --to
LOG --type INFO NETWORK_PROMISC_NO_IP
for daily rkhunter run. Switching to lang=de solve this Problem because
the keyword NETWORK_PROMISC_NO_IP is still availabe in the german language
file.
best regards,
Hubert
-- System Information:
Debian Release: 7.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages rkhunter depends on:
ii binutils 2.22-8
ii debconf [debconf-2.0] 1.5.49
ii file 5.11-2+deb7u1
ii net-tools 1.60-24.2
ii perl 5.14.2-21+deb7u1
ii ucf 3.0025+nmu3
Versions of packages rkhunter recommends:
ii iproute 20120521-3+b3
ii lsof 4.86+dfsg-1
ii lynx 2.8.8dev.12-2
ii postfix [mail-transport-agent] 2.9.6-2
ii unhide.rb 13-1.1
ii wget 1.13.4-3+deb7u1
Versions of packages rkhunter suggests:
ii bsd-mailx [mailx] 8.1.2-0.20111106cvs-1
pn libdigest-whirlpool-perl <none>
ii liburi-perl 1.60-1
ii libwww-perl 6.04-1
pn powermgmt-base <none>
pn tripwire <none>
-- Configuration Files:
/etc/apt/apt.conf.d/90rkhunter changed:
// Makes sure that rkhunter file properties database is updated after each remove or install only if hashes test is enabled
DPkg::Post-Invoke { "if [ -x /usr/bin/rkhunter ] && ( ! grep -q -E '^DISABLE_TESTS=.*(hashes.*attributes|attributes.*hashes|properties)' /etc/rkhunter.conf || grep -q -E '^ENABLE_TESTS=.*(hashes|attributes|properties)' /etc/rkhunter.conf); then /usr/bin/rkhunter --propupd --nolog; fi" }
/etc/rkhunter.conf changed:
ROTATE_MIRRORS=1
UPDATE_MIRRORS=1
MIRRORS_MODE=0
MAIL-ON-WARNING=""
MAIL_CMD=mail -s "[rkhunter] Warnings found for ${HOST_NAME}"
TMPDIR=/var/lib/rkhunter/tmp
DBDIR=/var/lib/rkhunter/db
SCRIPTDIR=/usr/share/rkhunter/scripts
BINDIR="/bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin /usr/libexec /usr/local/libexec"
UPDATE_LANG=""
LOGFILE=/var/log/rkhunter.log
APPEND_LOG=0
COPY_LOG_ON_ERROR=0
COLOR_SET2=0
AUTO_X_DETECT=1
WHITELISTED_IS_WHITE=0
ALLOW_SSH_ROOT_USER=no
ALLOW_SSH_PROT_V1=0
ENABLE_TESTS="all"
DISABLE_TESTS="apps suspscan hidden_procs deleted_files packet_cap_apps"
PKGMGR=DPKG
SCRIPTWHITELIST=/bin/egrep
SCRIPTWHITELIST=/bin/fgrep
SCRIPTWHITELIST=/bin/which
SCRIPTWHITELIST=/usr/bin/groups
SCRIPTWHITELIST=/usr/bin/ldd
SCRIPTWHITELIST=/usr/bin/lwp-request
SCRIPTWHITELIST=/usr/sbin/adduser
SCRIPTWHITELIST=/usr/sbin/prelink
ALLOWHIDDENDIR=/etc/.java
ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.initramfs
ALLOWHIDDENDIR=/etc/.hg
ALLOWHIDDENFILE=/dev/shm/.run-transition
ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz
ALLOWHIDDENFILE=/etc/.hgignore
ALLOWHIDDENFILE=/etc/.etckeeper
IP_CMD=DISABLED
ALLOWDEVFILE="/dev/.udev/db/net:eth*"
XINETD_CONF_PATH=/etc/xinetd.conf
XINETD_ALLOWED_SVC=/etc/xinetd.d/amanda
ALLOW_SYSLOG_REMOTE_LOGGING=1
SUSPSCAN_DIRS="/tmp /var/tmp"
SUSPSCAN_TEMP=/dev/shm
SUSPSCAN_MAXSIZE=10240000
SUSPSCAN_THRESH=200
USE_LOCKING=0
LOCK_TIMEOUT=300
SHOW_LOCK_MSGS=1
INSTALLDIR="/usr"
-- debconf information:
rkhunter/apt_autogen: false
rkhunter/cron_daily_run:
rkhunter/cron_db_update:
More information about the forensics-devel
mailing list