[CentOS] Fwd: For the CentOS list: rkhunter and NFS

Thu May 15 21:02:40 UTC 2014
Les Mikesell <lesmikesell at gmail.com>

---------- Forwarded message ----------
From:  <m.roth at 5-cent.us>
Date: Thu, May 15, 2014 at 3:40 PM
Subject: For the CentOS list: rkhunter and NFS
To: lesmikesell at gmail.com


Hi, Les,

   Could you forward this to the CentOS list? That damn nixspam is
blocking my hosting provider's mailhost *again*; it was on and off
yesterday, and today it won't even let me remove it, and that was after
I emailed my hosting provider yesterday....

    Having an issue with rkhunter; now, my user's running debian, but I
should think this would be configurable on any distro: rkhunter's
started complaining about a missing file... which is in his home
directory, which is NFS mounted. What it says is that two files don't
exist, but are in its d/b. I'm on his system, he's logged on now, and
they're there.

    Now, I'm not sure it *should* be scanning nfs-mounted directories.
Certainly I, among others, log out at night (this runs in the middle
of the night), and it doesn't complain on any other systems.

    One last thing: he's one of my most-knowledgeable users, and when he
updates the system, he assures me he always runs rkhunter --propupd,
so we're both confused.

   Any ideas?

           mark

PS And if the CentOS *MUST* use nixspam, which I am *very* strongly of the
opinion that we can find something better, is there no way to whitelist
regular posters? Certainly, when we created a Big Eight newsgroup, back in
'93? '94? we allowed for that....