[CentOS] How to install rkhunter properly

Sat Dec 2 18:50:48 UTC 2006
Jim Perrin <jperrin at gmail.com>

> after a bit of struggling I found out how to cleanly install rkhunter
> ... maybe this is useful for you:
> * Download rkhunter (I downloaded v 1.2.8)
> * mv /etc/rpm/platform /root/etc_rpm_platform
> * setarch i386 rpmbuild -ta --target=i386 rkhunter-1.2.8.tar.gz
> * mv /root/etc_rpm_platform /etc/rpm/platform
> * rpm -ivh /usr/src/redhat/RPMS/noarch/rkhunter-1.2.8-1.noarch.rpm
> * wget http://prdownloads.sourceforge.net/rkhunter/hashupd.sh?download
> * chmod +x hashupd.sh
> * ./hashupd.sh
> In general I had 2 problems:
> * On my 64 bit machine, the __libdir was set to /usr/lib64 whereas
> rkhunter uses an ugly "/usr/lib"
>    (solved with moving the platform file temporarily)
> * rkhunter -c showed me all the binaries in /bin /sbin/ and /usr/bin as
> 'bad'.
>    (solved with downloading and calling ./hashupd.sh)

You can (should) use the pre-built rk-hunter package in
KBS-Extras (http://centos.karan.org, or
http://wiki.centos.org/Repositories). It's prebuilt for you, which
solves half your issue. The other half is because rkhunter doesn't
play well with prelink, which runs as a cron job and ensures that
applications load as quickly as possible. There are workarounds for
this, and I believe there's a patch to rkhunter which resolves it.
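
The prelink conflict described above, as an added example that is not part of the original message and is not rkhunter's own code: a hash baseline check that asks prelink for the digest of the original, un-prelinked file when it can, so the nightly prelink run does not mark every binary as changed. The function names are hypothetical; it assumes prelink's `--verify --md5` option and falls back to `md5sum` when prelink is absent or cannot handle the file.

```shell
#!/bin/sh
# Added example: prelink-aware file hash baseline (function names are hypothetical).

# Print the MD5 of the file's original (un-prelinked) content when prelink can
# reconstruct it, otherwise the MD5 of the bytes currently on disk.
stable_md5() {
    f=$1
    if command -v prelink >/dev/null 2>&1; then
        h=$(prelink --verify --md5 "$f" 2>/dev/null | awk '{print $1}')
        if [ -n "$h" ]; then
            printf '%s\n' "$h"
            return 0
        fi
    fi
    md5sum "$f" | awk '{print $1}'
}

# Write one "hash  path" line per file given as an argument.
make_baseline() {
    for f in "$@"; do
        printf '%s  %s\n' "$(stable_md5 "$f")" "$f"
    done
}

# Read a baseline on stdin and report files that are missing or whose hash
# differs. Returns 1 if anything was reported, 0 otherwise.
check_baseline() {
    rc=0
    while read -r want path; do
        [ -n "$path" ] || continue
        if [ ! -f "$path" ]; then
            echo "MISSING $path"
            rc=1
            continue
        fi
        got=$(stable_md5 "$path")
        if [ "$got" != "$want" ]; then
            echo "CHANGED $path"
            rc=1
        fi
    done
    return $rc
}
```

Create the baseline from a known-good install, for example `make_baseline /bin/* > baseline.txt`, and keep it somewhere the monitored host cannot write to.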

