Tell rkhunter to ignore /etc/passwd by inserting EXISTWHITELIST=”/etc/passwd” in your rkhunter configuration file. If you prefer not to make this change to your configuration file, make sure you run rkhunter –propupd with the same PATH as given in /etc/crontab. A command like env -i PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin rkhunter –propupd should suffice. Thanks to Mr. Torfinn Ingolfsen for […]

Read More → rkhunter complaining about /etc/passwd?

Something was wrong with the combination of PHP 5.3.5, php-mysql 5.3.5, and MySQL 5.5.8 on FreeBSD 8 earlier this month. Any attempt to run the command php -v resulted in PHP hanging after outputting the “Zend line”. Either kill(1) the process or type C-c to put it out of its misery, but neither action is […]

Read More → Minor difficulties with PHP 5.3.5, php-mysql 5.3.5, and MySQL 5.5.8 on FreeBSD 8, now solved

I upgraded one of my systems to FreeBSD 8.2-PRERELEASE the other day. Next, I upgraded rkhunter to 1.3.8 on the same system. The output of the sockstat command sometimes contains more information than rkhunter is prepared to handle, resulting in different outputs from netstat and sockstat. rkhunter treats this as an infection. Maybe it is. […]

Read More → rkhunter 1.3.8 and sockstat on FreeBSD 8.2-PRERELEASE