Bug#627035: [rkhunher] rkhunter always fails with "Invalid BINDIR configuration option:"
Julien Valroff
julien at debian.org
Wed May 18 18:48:02 UTC 2011
package rkhunter
tags 627035 wontfix
severity 627035 normal
retitle 627035 rkhunter fails when PATH contains . (ie. current directory)
thanks
Hi Thomas,
Le mercredi 18 mai 2011 à 08:59:27 (+0200 CEST), Tomas Davidek a écrit :
>
> >>--- Please enter the report below this line. ---
> >>This version always fails with
> >>ipnp21:/home/davidek# rkhunter -c --rwo
> >>Invalid BINDIR configuration option: Invalid directory found: .
> >>
> >>Even specifying the --bindir option does not help, e.g.:
> >>ipnp21:/home/davidek# rkhunter --bindir /sbin -c --rwo
> >>Invalid '--bindir' option: Invalid directory found: .
> >I can't reproduce this issue.
> >
> >What is the output of the following command:
> >grep ^BINDIR /etc/rkhunter.conf{,.local}
>
> Here is more info:
> ipnp21:/home/davidek# grep ^BINDIR /etc/rkhunter.conf
> BINDIR="/bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin
> /usr/libexec /usr/local/libexec"
>
>
> >What is in your $PATH?
> ipnp21:/home/davidek# echo $PATH
> /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:.:/root/bin
>
> I see, here is the problem. When I set $PATH to "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/bin",
> then the problem disappears. My questions is then why rkhunter minds
> the current directory being in PATH ?
16682 # Create a spaced-separated PATH variable.
16683 RKHROOTPATH=`echo ${PATH} | tr ':' ' '`
Then it is used to know where to locate the various commands used by
rkhunter etc.
Your problem comes from the fact `.' does not begin with a `/':
2149 elif [ -z "`echo ${DIR} | grep '^/'`" ]; then
[…]
2152 echo "Invalid ${RKHTMPVAR2} option: Invalid directory found: ${DIR}"
Not sure what to do with it, as having the current directory in the path for
root is generally considered dangerous. I doubt you really want to use that…
and I won't change rkhunter behaviour in Debian (I know upstream will disagree
with such a change).
I hence tag this bug as wontfix but would prefer closing it if you agree
with this.
> >Did you have the exact same configuration with previous version (1.3.8-5)?
> Yes, I did not change anything.
I guess you haven't tested previous 1.3.8 versions as I can easily reproduce
this issue also with 1.3.8-5 (the only change introduced in the new version
has nothing to do with this issue anyway).
Cheers,
Julien
--
.''`. Julien Valroff ~ <julien at kirya.net> ~ <julien at debian.org>
: :' : Debian Developer & Free software contributor
`. `'` http://www.kirya.net/
`- 4096R/ E1D8 5796 8214 4687 E416 948C 859F EF67 258E 26B1
More information about the forensics-devel
mailing list