author | Guilhem Moulin <guilhem@fripost.org> | 2020-11-08 15:50:58 +0100 |
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-11-15 18:33:37 +0100 |
commit | 4d2a5f9e1ab9fb1c2c8a3bea5e286fa2ad953d6e (patch) | |
tree | 6ab3531ff9bfacad08362661830bbf5c16f53ee7 | |
parent | ef1764c0ec38f987087f8dc9727aa12c441720a0 (diff) |
rkhunter: workaround for mix usrmerge/non-usrmerge environments.
See https://bugs.debian.org/932594#15 .
-rw-r--r-- | roles/common/files/etc/rkhunter.conf | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/roles/common/files/etc/rkhunter.conf b/roles/common/files/etc/rkhunter.conf
index ce3b2d6..ef38ab6 100644
--- a/roles/common/files/etc/rkhunter.conf
+++ b/roles/common/files/etc/rkhunter.conf
@@ -545,71 +545,78 @@ HASH_CMD=SHA512 # on the system at the time of testing. This option is used when the # configuration file options themselves are checked, and during the file # properties check, the hidden files and directories checks, and the filesystem # check of the '/dev' directory. # # This option may be specified more than once, and may use wildcards. # Be aware though that this is probably not what you want to do as the # wildcarding will be expanded after files have been deleted. As such # deleted files won't be whitelisted if wildcarded. # # NOTE: The user must take into consideration how often the file will appear # and disappear from the system in relation to how often rkhunter is run. If # the file appears, and disappears, too often then rkhunter may not notice # this. All it will see is that the file has changed. The inode number and DTM # will certainly be different for each new file, and rkhunter will report this. # # The default value is the null string. # #EXISTWHITELIST="" +# work around for usr-merge, cf. https://bugs.debian.org/932594 +EXISTWHITELIST=/usr/bin/egrep +EXISTWHITELIST=/usr/bin/fgrep + # # Whitelist various attributes of the specified file. The attributes are those # of the 'attributes' test. Specifying a file name here does not include it # being whitelisted for the write permission test (see below). # # This option may be specified more than once, and may use wildcard characters. # # The default value is the null string. # #ATTRWHITELIST=/usr/bin/date # # Allow the specified file to have the 'others' (world) permission have the # write-bit set. For example, files with permissions r-xr-xrwx or rwxrwxrwx. # # This option may be specified more than once, and may use wildcard characters. # # The default value is the null string. # #WRITEWHITELIST=/usr/bin/date # # Allow the specified file to be a script. # # This option may be specified more than once, and may use wildcard characters. # # The default value is the null string. 
# SCRIPTWHITELIST=/bin/egrep SCRIPTWHITELIST=/bin/fgrep SCRIPTWHITELIST=/bin/which +SCRIPTWHITELIST=/usr/bin/egrep +SCRIPTWHITELIST=/usr/bin/fgrep +SCRIPTWHITELIST=/usr/bin/which SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/bin/lwp-request SCRIPTWHITELIST=/usr/sbin/adduser #SCRIPTWHITELIST=/usr/sbin/prelink #SCRIPTWHITELIST=/usr/sbin/unhide.rb # # Allow the specified file to have the immutable attribute set. # # This option may be specified more than once, and may use wildcard characters. # # The default value is the null string. # #IMMUTWHITELIST=/sbin/ifdown # # If this option is set to '1', then the immutable-bit test is reversed. That # is, the files are expected to have the bit set. A value of '0' means that the # immutable-bit should not be set. # |
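Review bot: The three added SCRIPTWHITELIST lines for /usr/bin/egrep, /usr/bin/fgrep and /usr/bin/which carry no rationale, whereas the EXISTWHITELIST additions earlier in the hunk are introduced by a usr-merge comment; someone tidying the file later could drop the /usr/bin entries as redundant with the /bin ones that precede them. Repeat the pointer above the new lines, e.g. `# usr-merge: /usr/bin/* duplicates of the /bin/* entries above, cf. https://bugs.debian.org/932594`. There is also an asymmetry worth a comment: /usr/bin/which is whitelisted as a script but is not added to EXISTWHITELIST, so if the missing-file warning the bug report describes applies to every whitelisted path, non-usrmerged hosts would presumably still warn about it; confirm against the report whether a third `EXISTWHITELIST=/usr/bin/which` is needed or deliberately omitted, and say which in the comment. Since EXISTWHITELIST relaxes rkhunter's existence checks for those paths (the option's own comment says it also applies during the file properties check), keep the list to exactly the paths that are actually reported and revisit it once all managed hosts are usrmerged.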