I ran the following
I saw that it's effectively a ruby script, but why do I get a warning about it?
[edit] 2022-12-06 [edit]:
And also is it telling me that a script (unknown) replaced the (known) script pkgdb or that it was not a script before ?
OS: FreeBSD 13.1-RELEASE-p5 amd64
Rootkit Hunter 1.4.6
pkgdb 2.4.16
I only modified the first line of the github script about the env.
The warning seem to be a false positive, but I would like to know what is the reference for that warning? how the script rkhunter(8) came to conclude that something is not rigth with that pkgdb ruby script? I checked the faq from the sources and read the manual pages but I cant find it. and that too I dont understand :
where are the data used as reference by rkhunter(8) to compare with the existing file on the system?
[edit]:
Ok, i found the directories where rkhunter put it's data and how to generate them which I did'nt do prior to launch it the firs time. so i did the following I generated the rkhunter.dat whit the option
So what i'll do is enable PKGMGR BSDng option in the configuration file /usr/local/etc/rkhunter.conf and put it resolved. even if I dont understand the issue really for the moment. if some has a clue, thanks for sharing.
Thanks
# rkhunter -c
everything is ok but one warning that I don't think is important but don't understand why I get it. ?
Code:
[20:28:42] /usr/local/sbin/pkgdb [ Warning ]
[20:28:42] Warning: The command '/usr/local/sbin/pkgdb' has been replaced by a script: /usr/local/sbin/pkgdb: Ruby script, ASCII text executable
[edit] 2022-12-06 [edit]:
And also is it telling me that a script (unknown) replaced the (known) script pkgdb or that it was not a script before ?
OS: FreeBSD 13.1-RELEASE-p5 amd64
Rootkit Hunter 1.4.6
pkgdb 2.4.16
Code:
cksum /usr/local/sbin/pkgdb
1521661239 24687
cksum Desktop/pkgdb (from https://raw.githubusercontent.com/freebsd/portupgrade/master/bin/pkgdb)
1521661239 24687
I only modified the first line of the github script about the env.
The warning seem to be a false positive, but I would like to know what is the reference for that warning? how the script rkhunter(8) came to conclude that something is not rigth with that pkgdb ruby script? I checked the faq from the sources and read the manual pages but I cant find it. and that too I dont understand :
Code:
rkhunter --propupd /usr/local/sbin/pkgdb
The file properties file does not exist: /usr/local/var/lib/rkhunter/db/rkhunter.dat
[edit]:
Ok, i found the directories where rkhunter put it's data and how to generate them which I did'nt do prior to launch it the firs time. so i did the following I generated the rkhunter.dat whit the option
--propupd
alone and it generated the file. but it did'nt change the fact that the warning is still prompted for the script pkgdb, even if I update the the .dat file. I red in the Readme that the option --pkgmgr
BSDng can be use to tell rkhunter to use the package manager as its database and when I run the thing to check the system with that option the warning doesnt popup. but updating the database for the pkgdb script does nothing at all, if I dont run rkhunter whit the --pkgmgr BSDng
option I will have the same warning even if I updated the .dat file with the same option before.So what i'll do is enable PKGMGR BSDng option in the configuration file /usr/local/etc/rkhunter.conf and put it resolved. even if I dont understand the issue really for the moment. if some has a clue, thanks for sharing.
Thanks