Hi,

I'm running rkhunter (rpm from SuSE 10.0) as a rootkit checker. It is started by /etc/cron.daily/01-rkhunter, which is part of the rkhunter rpm.

For anybody who is using rkhunter as well:

- Normally you should update the rkhunter db files on a regular basis (rkhunter --update) in order to update the rkhunter database files.
- SuSE patched the os-db file (/var/lib/rkhunter/db/os.dat) in order to put the "SUSE LINUX 10*" entries in there.

Anybody who does the db-update will receive a new db file which no longer contains SUSE LINUX 10.0 as a valid OS, so all md5 checks are skipped.

Solution: create file /etc/cron.daily/001-rkhunter:

--- cut here ---
#!/bin/sh
# Release line of the running system, taken from /etc/SuSE-release
MY_VERSION="$(grep -i '^suse' /etc/SuSE-release)"

# Source the rkhunter configuration to get DBDIR
if [ -e /etc/rkhunter.conf ]; then
    . /etc/rkhunter.conf
else
    exit 1
fi

# Fetch the current database files and mail the result to root
/usr/bin/rkhunter --update | /bin/mail -s 'rkhunter Daily update' root

# The update replaces os.dat; put the entry for this release back if it is gone
if ! grep -qF -- "${MY_VERSION}" "${DBDIR}/os.dat"; then
    echo "999:${MY_VERSION}:/usr/bin/md5sum:/bin:" >> "${DBDIR}/os.dat"
fi
--- cut here ---

and rkhunter keeps on working.

Andreas
Kyek, Andreas, VF-DE