Bug#872617: rkhunter doesn't work with unhide.rb

[Daniel Leidert]

Package: rkhunter
Version: 1.4.2-6+deb9u1
Severity: normal

Hi,

I have rkunter and unhide.rb installed. But the hidden_procs test is skipped.
It only works if unhide (C) is installed. If both are installed, the
DISABLE_UNHIDEi variable seems to be of no effect. Taking a look into
/usr/bin/rkhunter it seems to me, that it doesn't look for unhide.rb at all.
So I wonder, if unhide.rb is supported or used by rkhunter or not.

Regards, Daniel


-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'unstable'), (500, 'testing'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.41-042stab123.9 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rkhunter depends on:
ii  binutils               2.28-5
ii  debconf [debconf-2.0]  1.5.61
ii  file                   1:5.30-1
ii  lsof                   4.89+dfsg-0.1
ii  net-tools              1.60+git20161116.90da8a0-1
ii  perl                   5.24.1-3+deb9u1
ii  ucf                    3.0036

Versions of packages rkhunter recommends:
ii  curl                            7.52.1-5
ii  heirloom-mailx                  14.8.16-1
ii  iproute2                        4.9.0-1
ii  postfix [mail-transport-agent]  3.1.4-7
pn  unhide                          <none>
ii  unhide.rb                       22-2
ii  wget                            1.18-5

Versions of packages rkhunter suggests:
ii  liburi-perl     1.71-1
ii  libwww-perl     6.15-1
ii  powermgmt-base  1.31+nmu1

-- Configuration Files:
/etc/rkhunter.conf changed [not included]

-- debconf information excluded