On 12/2/2006 7:50 PM, Jim Perrin wrote: >> In general I had 2 problems: >> * On my 64 bit machine, the __libdir was set to /usr/lib64 whereas >> rkhunter uses an ugly "/usr/lib" >> (solved with moving the platform file temporarily) >> * rkhunter -c showed me all the binaries in /bin /sbin/ and /usr/bin as >> 'bad'. >> (solved with downloading and calling ./hashupd.sh) > > You can (should) use the pre-built rk-hunter package in > KBS-Extras(http://centos.karan.org, or > http://wiki.centos.org/Repositories). It's prebuilt for you, which > solves have your issue. The other half is because rkhunter doesn't > play well with prelink, which runs as a cron job and ensures that > applications load as quickly as possible. There are workarounds for > this, and I believe there's a patch to rkhunter which resolves it. ok, the kbs-extras version solved the problem with __libdir (thanks for the hint!), but I've still got the issue with 'Bad' with all the files listed in /bin, /sbin and /usr/bin (and one in /usr/sbin). Here, hashupd still was necessary. Regards, Michael -- Michael Kress, kress at hal.saar.de http://www.michael-kress.de / http://kress.net P E N G U I N S A R E C O O L