Bug#869760: Update of rkhunter fails

Karsten debian at decotrain.de
Wed Jul 26 08:19:56 UTC 2017 

Package: rkhunter
Version: 1.4.2-6+deb9u1
Severity: important

Hello,

i can run rkhunter but any update of it fails.


rkhunter --update
Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"


When i look in the config i really find this senseless pathname:


# This allows the user to use a command other than the one automatically
# selected by rkhunter, but still one which it already knows about.
# For example:
#
#     WEB_CMD=curl
WEB_CMD="/bin/false"


When i comment out the above line then the update starts but fails again:


rkhunter --update
[ Rootkit Hunter version 1.4.2 ]

Checking rkhunter data files...
  Checking file mirrors.dat                                  [ Skipped ]
  Checking file programs_bad.dat                             [ Update failed ]
  Checking file backdoorports.dat                            [ Update failed ]
  Checking file suspscan.dat                                 [ Update failed ]
  Checking file i18n versions                                [ Update failed ]


In the log i can find:


[10:10:34] Checking file mirrors.dat                         [ Skipped ]
[10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[10:10:34] Warning: Download of 'programs_bad.dat' failed: Unable to determine the latest version number.
[10:10:34] Checking file programs_bad.dat                    [ Update failed ]
[10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[10:10:34] Warning: Download of 'backdoorports.dat' failed: Unable to determine the latest version number.
[10:10:34] Checking file backdoorports.dat                   [ Update failed ]
[10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[10:10:34] Warning: Download of 'suspscan.dat' failed: Unable to determine the latest version number.
[10:10:34] Checking file suspscan.dat                        [ Update failed ]
[10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[10:10:34] Checking file i18n versions                       [ Update failed ]
[10:10:34] Warning: Download of 'i18n.ver' failed: Unable to determine the latest version number.


What is going wrong here?

Regards
Karsten


-- System Information:
Debian Release: 9.1
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rkhunter depends on:
ii  binutils               2.28-5
ii  debconf [debconf-2.0]  1.5.61
ii  file                   1:5.30-1
ii  lsof                   4.89+dfsg-0.1
ii  net-tools              1.60+git20161116.90da8a0-1
ii  perl                   5.24.1-3+deb9u1
ii  ucf                    3.0036

Versions of packages rkhunter recommends:
ii  curl                                       7.52.1-5
ii  iproute2                                   4.9.0-1
ii  mailutils [mailx]                          1:3.1.1-1
ii  unhide                                     20130526-1
ii  unhide.rb                                  22-2
ii  wget                                       1.18-5

Versions of packages rkhunter suggests:
ii  liburi-perl     1.71-1
ii  libwww-perl     6.15-1
ii  powermgmt-base  1.31+nmu1

-- debconf information:
  rkhunter/cron_db_update:
  rkhunter/apt_autogen: false
  rkhunter/cron_daily_run:

More information about the forensics-devel mailing list