Bug#869760: Update of rkhunter fails

Salvatore Bonaccorso carnil at debian.org
Wed Jul 26 09:11:00 UTC 2017 

Hi Karsten,

(Not the maintainer here)

On Wed, Jul 26, 2017 at 10:19:56AM +0200, Karsten wrote:
> Package: rkhunter
> Version: 1.4.2-6+deb9u1
> Severity: important
> 
> Hello,
> 
> i can run rkhunter but any update of it fails.
> 
> 
> rkhunter --update
> Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
> 
> 
> When i look in the config i really find this senseless pathname:
> 
> 
> # This allows the user to use a command other than the one automatically
> # selected by rkhunter, but still one which it already knows about.
> # For example:
> #
> #     WEB_CMD=curl
> WEB_CMD="/bin/false"
> 
> 
> When i comment out the above line then the update starts but fails again:
> 
> 
> rkhunter --update
> [ Rootkit Hunter version 1.4.2 ]
> 
> Checking rkhunter data files...
>   Checking file mirrors.dat                                  [ Skipped ]
>   Checking file programs_bad.dat                             [ Update failed ]
>   Checking file backdoorports.dat                            [ Update failed ]
>   Checking file suspscan.dat                                 [ Update failed ]
>   Checking file i18n versions                                [ Update failed ]
> 
> 
> In the log i can find:
> 
> 
> [10:10:34] Checking file mirrors.dat                         [ Skipped ]
> [10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
> [10:10:34] Warning: Download of 'programs_bad.dat' failed: Unable to determine the latest version number.
> [10:10:34] Checking file programs_bad.dat                    [ Update failed ]
> [10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
> [10:10:34] Warning: Download of 'backdoorports.dat' failed: Unable to determine the latest version number.
> [10:10:34] Checking file backdoorports.dat                   [ Update failed ]
> [10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
> [10:10:34] Warning: Download of 'suspscan.dat' failed: Unable to determine the latest version number.
> [10:10:34] Checking file suspscan.dat                        [ Update failed ]
> [10:10:34] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
> [10:10:34] Checking file i18n versions                       [ Update failed ]
> [10:10:34] Warning: Download of 'i18n.ver' failed: Unable to determine the latest version number.
> 
> 
> What is going wrong here?

This was an intentional change in the last point release which
included an update for rkhunter as well. It is due #765895 and
#866677.

https://tracker.debian.org/news/856557

Regards,
Salvatore

More information about the forensics-devel mailing list