Jim Flanagan wrote:
Does anyone know where I can get the newest version of rkhunter in an RPM for opensuse 10.3? I have an older version installed, and run it with the --update tag, but it still shows to be the older version.
Thanks,
Jim Hi, I don't think that you can update rkhunter that way. The --update only updates what rootkits it searches for, sort of like updating your windows antivirus database for new viruses.
If you want to update your version of rootkit hunter, you have to go to this page and download rootkit hunter. Once you have downloaded the tarball, then I use konqueror to go to the /etc/rkhunter.conf file so that you may delete that file or the new version won't work. An alternate method is detailed as follows: */ When you installed RKH it saw that the file /etc/rkhunter.conf already existed. The installer won't overwrite it, so it created a new dafault one (rkhunter.conf.xxxxxx). The number is just a unique number. What you need to do is integrate any required changes you had in rkhunter.conf to the new (numbered) file, and then move, or copy, that new file to rkhunter.conf. How you actually do this is up to you dpending on how you administer your systems. The point being that RKH will use the rkhunter.conf file. In your case you were running RKH version 1.3.0 but with a 1.2.9 version configuration file. That won't work. That's why when you removed rkhunter.conf everything suddenly worked. During that installation RKH saw there was no previous file, so just created one for you. You then had RKH 1.3.0 with a 1.3.0 config file. Personally, I leave the rkhunter.conf as it is and add any changes only to the bottom of it. That way, when a new RKH version comes out, I only need to copy/paste the bottom part of the file to the new config file (the one with the number). I then 'mv' the numbered file over rkhunter.conf. But that's just me. /* Then to install the new rkhunter, you extract the tarball, then cd to the opened file, then run this script from command line as root: ./installer.sh --layout default --install There are more instructions in the Readme file. Once you have managed to install your new version, you must run rkhunter --propupd from command line as root so that it can figure out what files you have on your computer. Then as root run rkhunter --update to update the rootkit database. Then as root you may run rkhunter -c --sk to do your rootkit checks, and expect some false file warnings the first time around. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org