Ubuntu
rkhunter package

rkhunter marks bootchart files as suspicious

Bug #1581860 reported by A. Mani
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
rkhunter (Ubuntu)
New
Undecided
Unassigned

Bug Description

1. Rkhunter thinks many files in /dev/.bootchart are suspicious.
2. Takes lot more time to complete.

_______________________________________edited log___________________

# sudo rkhunter -c -sk
[ Rootkit Hunter version 1.4.2 ]

[11:54:47] Checking configuration file and command-line options...
[11:54:47] Info: Detected operating system is 'Linux'
[11:54:47] Info: Found O/S name: Ubuntu 16.04 LTS
[11:54:47] Info: Command line is /usr/bin/rkhunter -c -sk
[11:54:47] Info: Environment shell is /bin/bash; rkhunter is using dash
[11:54:47] Info: Using configuration file '/etc/rkhunter.conf'
[11:54:47] Info: Installation directory is '/usr'
[11:54:47] Info: Using language 'en'
[11:54:47] Info: Using '/var/lib/rkhunter/db' as the database directory
[11:54:47] Info: Using '/usr/share/rkhunter/scripts' as the support script directory

(skip)

[11:56:33] Info: SCAN_MODE_DEV set to 'THOROUGH'
[12:25:30] Checking /dev for suspicious file types
12:25:30] Checking /dev for suspicious file types [ Warning ]
[12:25:30] Warning: Suspicious file types found in /dev:
[12:25:30] /dev/.udev/rules.d/root.rules: ASCII text
[12:25:30] /dev/.bootchart/log/header: ASCII text
[12:25:30] /dev/.bootchart/log/proc_ps.log: ASCII text, with very long lines
[12:25:30] /dev/.bootchart/log/proc_diskstats.log: ASCII text
[12:25:30] /dev/.bootchart/log/proc_stat.log: ASCII text, with very long lines
[12:25:30] /dev/.bootchart/proc/bus/pci/00/00.0: data
[12:25:30] /dev/.bootchart/proc/bus/pci/00/00.2: data
[12:25:30] /dev/.bootchart/proc/bus/pci/00/01.0: data
[12:25:30] /dev/.bootchart/proc/bus/pci/00/04.0: dBase III DBT, version number 0, next free block index 336859170
[12:25:30] /dev/.bootchart/proc/bus/pci/00/11.0: data

(skip)

[12:25:30] /dev/.bootchart/proc/bus/pci/00/16.2: data
[12:25:30] /dev/.bootchart/proc/bus/pci/00/18.0: dBase III DBT, version number 0, next free block index 335548450

(skip)

[12:25:33] The system checks took: 30 minutes and 45 seconds
_________________________________________________________

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.