ispCP - Board - Support
Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" [Solved] - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" [Solved] (/thread-4039.html)

Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" [Solved] - aseques - 08-14-2008 07:54 PM

Hi, I saw that this problem appears in ubuntu 8.04 (probably lenny too) after a fresh install (at least in my case)
There are two different problems:
The first is that in the 1.3.x versions of rkhunter the options --scan-knownbad-files and --check-deleted are no longer supported, so the checks doesn't start.

The second is the message telling me that rkhunter.log doesn't exist, I looked at this:
The file is in the cron
Code:
0       */12    *       *       *       root /usr/bin/rkhunter --scan-knownbad-files --check-deleted --cronjob --createlogfile /var/log/rkhunter.log >/dev/null 2>&1

The permissions of the created log seem to be fine
Code:
# ls -l /var/log/rkhunter.log
-rw------- 1 root root 74991 2008-08-14 06:45 rkhunter.log

The openbasedir for master seems ok too
Code:
open_basedir = "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"

Cheers!

RE: Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" - kilburn - 08-14-2008 08:45 PM

Quote:The permissions of the created log seem to be fine
Code:
# ls -l /var/log/rkhunter.log
-rw------- 1 root root 74991 2008-08-14 06:45 rkhunter.log

Wrong. Since the panel gui runs as vu2000:vu2000, you need to change permissions to:
Code:
# ls -l /var/log/rkhunter.log
-rw-r----- 1 root vu2000 74991 2008-08-14 06:45 rkhunter.log


RE: Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" - aseques - 08-15-2008 12:05 AM

Ok, changed ...
It would be nicer if it could be changed without having to chgrp or chmod the files by hand (haven't find the solution in the man so far)

About the two deprecated command, something should be done, since without removing those flags, the scanner won't start.

Regards

RE: Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" - RatS - 08-16-2008 10:51 PM

added in setup

RE: Fresh RC6 Install "/var/log/rkhunter.log doesn't exist or is empty" - aseques - 08-18-2008 05:36 PM

RatS Wrote:added in setup

Cool !