Bug#765858: rkhunter: rkhupd.sh fails with "Non-existent pathname" when prelink is not installed

Dmitry Borodaenko angdraug at gmail.com
Sat Oct 18 18:46:20 UTC 2014 

Package: rkhunter
Version: 1.4.2-0.1
Severity: minor

Default rkhunter.conf includes the following line:

SCRIPTWHITELIST=/usr/sbin/prelink

I don't have prelink installed, so when rkhunter's rkhupd.sh is invoked
at the end of an apt-get run, it fails with the following error message:

Invalid SCRIPTWHITELIST configuration option: Non-existent pathname: /usr/sbin/prelink

I see two problems with that:

1) absense of a file mentioned in a configuration option should be just
a warning, not a critical error;

2) the default rkhunter.conf shouldn't cause rkhunter to fail when an
optional-priority package that rkhunter doesn't depend on is not present
in the system.

I had to comment out the "SCRIPTWHITELIST=/usr/sbin/prelink" to make my
apt work with rkhunter post-invoke hook.

Thanks,
-Dmitry Borodaenko


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (70, 'testing'), (50, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rkhunter depends on:
ii  binutils               2.24.90.20141014-1
ii  debconf [debconf-2.0]  1.5.53
ii  file                   1:5.19-2
ii  net-tools              1.60-26
ii  perl                   5.20.1-1
ii  ucf                    3.0030

Versions of packages rkhunter recommends:
ii  curl                            7.38.0-2
ii  iproute                         1:3.16.0-2
ii  lsof                            4.86+dfsg-1
ii  postfix [mail-transport-agent]  2.11.1-1
pn  unhide.rb | unhide              <none>
ii  wget                            1.15-1+b1

Versions of packages rkhunter suggests:
ii  bsd-mailx [mailx]         8.1.2-0.20140825cvs-1
pn  libdigest-whirlpool-perl  <none>
ii  liburi-perl               1.64-1
ii  libwww-perl               6.08-1
ii  powermgmt-base            1.31+nmu1
pn  tripwire                  <none>

-- Configuration Files:
/etc/default/rkhunter changed [not included]
/etc/rkhunter.conf changed [not included]

-- debconf information:
* rkhunter/apt_autogen: true
* rkhunter/cron_db_update: no
* rkhunter/cron_daily_run: yes

More information about the forensics-devel mailing list