Forum Linux.debian/ubuntu [SOLVED] rkhunter: update impossible

Posted by (personal page) on 16 August 2017. License CC by-sa

Hello everyone,

I have been unable to update rkhunter for a few weeks.

I am running Debian 8 (kernel info: Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u2 (2017-06-26)).

Error message

$ rkhunter --update
Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"

Log excerpt

If I comment out the WEB_CMD line in my rkhunter config, I get the following log:

$ cat /var/log/rkhunter.log
[18:30:39] Running Rootkit Hunter version 1.4.2 on muchos-laptop
[18:30:39]
[18:30:39] Info: Start date is samedi 12 août 2017, 18:30:39 (UTC+0200)
[18:30:39]
[18:30:39] Checking configuration file and command-line options...
[18:30:39] Info: Detected operating system is 'Linux'
[18:30:39] Info: Found O/S name: Debian 8.5
[18:30:39] Info: Command line is /usr/bin/rkhunter --update
[18:30:39] Info: Environment shell is /bin/bash; rkhunter is using dash
[18:30:39] Info: Using configuration file '/etc/rkhunter.conf'
[18:30:39] Info: Installation directory is '/usr'
[18:30:39] Info: Using language 'en'
[18:30:39] Info: Using '/var/lib/rkhunter/db' as the database directory
[18:30:39] Info: Using '/usr/share/rkhunter/scripts' as the support script directory
[18:30:39] Info: Using '/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin' as the command directories
[18:30:39] Info: Using '/var/lib/rkhunter/tmp' as the temporary directory
[18:30:39] Info: X will be automatically detected
[18:30:39] Info: Using second color set
[18:30:39] Info: Found the 'basename' command: /usr/bin/basename
[18:30:39] Info: Found the 'diff' command: /usr/bin/diff
[18:30:39] Info: Found the 'dirname' command: /usr/bin/dirname
[18:30:39] Info: Found the 'file' command: /usr/bin/file
[18:30:39] Info: Found the 'find' command: /usr/bin/find
[18:30:39] Info: Found the 'ifconfig' command: /sbin/ifconfig
[18:30:39] Info: Found the 'ip' command: /sbin/ip
[18:30:39] Info: Found the 'ipcs' command: /usr/bin/ipcs
[18:30:39] Info: Found the 'ldd' command: /usr/bin/ldd
[18:30:39] Info: Found the 'lsattr' command: /usr/bin/lsattr
[18:30:39] Info: Found the 'lsmod' command: /sbin/lsmod
[18:30:39] Info: Found the 'lsof' command: /usr/bin/lsof
[18:30:39] Info: Found the 'mktemp' command: /bin/mktemp
[18:30:39] Info: Found the 'netstat' command: /bin/netstat
[18:30:39] Info: Found the 'perl' command: /usr/bin/perl
[18:30:39] Info: Found the 'pgrep' command: /usr/bin/pgrep
[18:30:39] Info: Found the 'ps' command: /bin/ps
[18:30:39] Info: Found the 'pwd' command: /bin/pwd
[18:30:39] Info: Found the 'readlink' command: /bin/readlink
[18:30:39] Info: Found the 'stat' command: /usr/bin/stat
[18:30:39] Info: Found the 'strings' command: /usr/bin/strings
[18:30:40] Info: Found the 'wget' command: /usr/bin/wget
[18:30:40] Info: The mirrors file will be rotated
[18:30:40] Info: Only local mirrors will be used
[18:30:40] Info: The mirrors file will not be updated
[18:30:40] Info: Logging to log file: /var/log/rkhunter.log
[18:30:40] Info: Locking is not being used
[18:30:40]
[18:30:40] Checking rkhunter data files...
[18:30:40] Info: Created temporary file '/var/lib/rkhunter/tmp/rkhunter.upd.yELNxP0U3f'
[18:30:40] Checking file mirrors.dat [ Skipped ]
[18:30:40] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[18:30:40] Warning: Download of 'programs_bad.dat' failed: Unable to determine the latest version number.
[18:30:40] Checking file programs_bad.dat [ Update failed ]
[18:30:40] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[18:30:40] Warning: Download of 'backdoorports.dat' failed: Unable to determine the latest version number.
[18:30:40] Checking file backdoorports.dat [ Update failed ]
[18:30:40] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[18:30:40] Warning: Download of 'suspscan.dat' failed: Unable to determine the latest version number.
[18:30:40] Checking file suspscan.dat [ Update failed ]
[18:30:40] Info: The mirrors file has no required mirrors in it: /var/lib/rkhunter/db/mirrors.dat
[18:30:40] Checking file i18n versions [ Update failed ]
[18:30:40] Warning: Download of 'i18n.ver' failed: Unable to determine the latest version number.
[18:30:40]
[18:30:40] Info: End date is samedi 12 août 2017, 18:30:40 (UTC+0200)

Online

I found someone with a similar problem, recently reported. An answer is given, but I don't understand it.

Thanks in advance for your help, and have a good week.

  • # /etc/rkhunter.conf

    Posted by (personal page). Rated 2 (+0/-0).

    If you search for 'false' in /etc/rkhunter.conf, what do you get?

    Quince jelly is something not to be swallowed the wrong way.

    • [^] # Re: /etc/rkhunter.conf

      Posted by (personal page). Rated 1 (+0/-0).

      Thanks @Lol Zimmerli.

      False appears in 3 comments and in the line quoted above:

      The supplied configuration file has some tests already disabled, and these are tests that will be used only occasionally, can be considered 'advanced' or that are prone to produce more than the average number of false-positives.
      […]
      Please do not enable the 'suspscan' test by default as it is CPU and I/O intensive, and prone to producing false positives.
      […]
      Do not use a directory name that is listed in SUSPSCAN_DIRS as that is highly likely to cause false-positive results.
      […]
      WEB_CMD="/bin/false"

      Debug the Web together.
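
A diagnostic for the situation in this thread, added here as an example that is not part of any post: it lists the rkhunter.conf settings that keep `rkhunter --update` from downloading data files. Assumptions: `UPDATE_MIRRORS` and `MIRRORS_MODE` are rkhunter options not quoted in the thread, matched here to the log lines "The mirrors file will not be updated" and "Only local mirrors will be used"; reading the error as a leading-quote problem is an inference from the message printing the value with its quotes; the function names and the sample file are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): list the rkhunter.conf settings that
# prevent `rkhunter --update` from downloading data files.

# Print the raw value (quotes kept) of option $2 from config file $1.
# Assumption: commented lines are ignored and the last occurrence wins.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Print one finding per line for the config file given as $1.
check_update_settings() {
    raw=$(conf_value "$1" WEB_CMD)
    # Same value with the surrounding double quotes removed.
    cmd=$(printf '%s' "$raw" | sed 's/^"//; s/"$//')
    case $raw in
        ''|/*) ;;
        *) echo "WEB_CMD value $raw does not begin with '/' as written" ;;
    esac
    case $cmd in
        /bin/false|/bin/false\ *)
            echo "WEB_CMD runs /bin/false: downloads cannot succeed" ;;
    esac
    [ "$(conf_value "$1" UPDATE_MIRRORS)" = 0 ] &&
        echo "UPDATE_MIRRORS=0: the mirrors file will not be updated"
    [ "$(conf_value "$1" MIRRORS_MODE)" = 1 ] &&
        echo "MIRRORS_MODE=1: only local mirrors will be used"
    return 0
}

# Constructed sample reproducing the settings visible in the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Do not use a directory name that is listed in SUSPSCAN_DIRS
#WEB_CMD=""
UPDATE_MIRRORS=0
MIRRORS_MODE=1
WEB_CMD="/bin/false"
EOF
check_update_settings "$sample"
rm -f "$sample"
```

On a real system, call `check_update_settings /etc/rkhunter.conf` instead of using the sample file.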
