rkhunter error

Discussion in 'Server Operation' started by Tom John, Nov 10, 2019.

  1. Tom John

    Tom John Active Member HowtoForge Supporter

    Hi guys,
    i installed ubuntu 19.04 and now i get an error with rkhunter:
    Code:
    root@server1:~# sudo rkhunter --update
    Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
    
    I removed rkhunter but i still have the same problem
    when i run rkhunter i get a lot of errors like that:
    Code:
     Performing file properties checks
        Checking for prerequisites                               [ Warning ]
        /usr/sbin/adduser                                        [ Warning ]
        /usr/sbin/chroot                                         [ Warning ]
        /usr/sbin/cron                                           [ OK ]
        /usr/sbin/groupadd                                       [ Warning ]
        /usr/sbin/groupdel                                       [ Warning ]
        /usr/sbin/groupmod                                       [ Warning ]
        /usr/sbin/grpck                                          [ Warning ]
        /usr/sbin/inetd                                          [ Warning ]
        /usr/sbin/nologin                                        [ Warning ]
        /usr/sbin/pwck                                           [ Warning ]
        /usr/sbin/rsyslogd                                       [ Warning ]
        /usr/sbin/sshd                                           [ Warning ]
        /usr/sbin/tcpd                                           [ Warning ]
        /usr/sbin/useradd                                        [ Warning ]
    
    
    maybe someone can help me with this problem?
    thanks a lot
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    is caused by Debian and Ubuntu removing the possibility to do rkhunter --update with what I consider a not so nice hack. Debian bug report discusses rationale. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869760 There may be Ubuntu bug report also.
    I say it would make more sence to remove the --update option if it is not meant to be used, or at least make a better error message to replace that current very cryptic one.
     
  3. Steini86

    Steini86 Active Member

    As pointed out, there should be no need to use the --update option in Debian/Ubuntu.
    Although, you could make it work by changing these settings in rkhunter.conf
    Code:
    UPDATE_MIRRORS=0 to UPDATE_MIRRORS=1
    MIRRORS_MODE=1 to MIRRORS_MODE=0
    WEB_CMD="/bin/false" to WEB_CMD=""
     
  4. Tom John

    Tom John Active Member HowtoForge Supporter

    thanks a lot for your kind help guys,
    its working now..
     

Share This Page