Bug#647493: rkhunter: Please allow deactivation of reports

Alexander Reichle-Schmehl tolimar at debian.org
Thu Nov 3 09:06:49 UTC 2011 

Package: rkhunter
Version: 1.3.2-6
Severity: minor
Tags: patch


Hi!

In our setup we use rkhunter on several systems and monitor the results of
the daily runs via our monitoring system.  So, we'd like to disable the
report mails.

However, unsetting MAIL-ON-WARNING in /etc/rkhunter.conf wasn't enough, as
we found out, that mails are also send from the cronjob itselfe (Why, if I
may ask?  Doesn't rkhunter itself already has the mail feature?)

Unsetting REPORT_EMAIL in /etc/cron.daily/rkhunter also didn't solved the
issue for us, as the "| /usr/sbin/sendmail $REPORT_EMAIL" in the cronjob
fails.

However, with the following patch:

-        if [ -s "$OUTFILE" ]; then
+        if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then

Report mails can be disabled, while keeping the functionality.


Best regards,
  Alexander


-- System Information:
Debian Release: 5.0.9
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-xen-686 (SMP w/1 CPU core)
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15) (ignored: LC_ALL set to de_DE at euro)
Shell: /bin/sh linked to /bin/bash

Versions of packages rkhunter depends on:
ii  binutils            2.18.1~cvs20080103-7 The GNU assembler, linker and bina
ii  debconf [debconf-2. 1.5.24               Debian configuration management sy
ii  file                4.26-1               Determines file type using "magic"
ii  net-tools           1.60-22              The NET-3 networking toolkit
ii  perl                5.10.0-19lenny5      Larry Wall's Practical Extraction 
ii  postfix [mail-trans 2.5.5-1.1+lenny1     High-performance mail transport ag

Versions of packages rkhunter recommends:
ii  curl                     7.18.2-8lenny5  Get a file from an HTTP, HTTPS or 
ii  iproute                  20080725-2      networking and traffic control too
ii  libmd5-perl              2.03-1          backwards-compatible wrapper for D
ii  links                    2.1pre37-1.1    Web browser running in text mode
ii  lynx                     2.8.7dev9-2.1   Text-mode WWW Browser (transitiona
ii  unhide                   20080519-2      Forensic tool to find hidden proce
ii  wget                     1.11.4-2+lenny2 retrieves files from the web

Versions of packages rkhunter suggests:
ii  bsd-mailx          8.1.2-0.20071201cvs-3 A simple mail user agent

-- debconf information:
* rkhunter/apt_autogen: true
* rkhunter/cron_daily_run: true
* rkhunter/cron_db_update: true

More information about the forensics-devel mailing list