rkhunter error

Discussion in 'Server Operation' started by Tom John, Aug 22, 2021 at 6:43 PM.

  1. Tom John

    Tom John Member HowtoForge Supporter

    Hi guys,
    i am running ubuntu20.04 with ispconfig 3
    i get the following error after installing rkhunter
    Code:
    Warning: Suspicious file types found in /dev:
             /dev/shm/rhm.c2a3f3edaa8d0b3ff673: None
             /dev/shm/rhm.102601f3844c655dbc61: None
             /dev/shm/rhm.2ff4b4cc0757f2f52ff9: None
             /dev/shm/rhm.7df2c93c5da981109ae5: None
             /dev/shm/rhm.3f2c195e92f8df7d088e: None
             /dev/shm/rhm.b8fc2b53c4af33de47d3: None
             /dev/shm/rhm.086ae52b5fa454f2aee3: None
             /dev/shm/rhm.a5db18ac3017788c32e2: None
             /dev/shm/rhm.4cd1d92b39e933f620ee: None
    
    
    when i add to rkhunter.conf
    Code:
    ALLOWHIDDENFILE= /dev/shm/rhm.4cd1d92b39e933f620ee: None
    or
    ALLOWHIDDENFILE= /dev/shm/rhm.4cd1d92b39e933f620ee
    or
    ALLOWHIDDENFILE= /dev/shm/rhm
    
    
    i still get the same error suspicious file types found.
    What am i doing wrong and do i have to worry about these files after install a fresh server?
    thanks a lot for your kind help
     
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    ALLOWHIDDENFILE is probably the wrong directive, those aren't hidden files. You need to use either a wildcard or directory based match, not specific file names. Search for the error and you'll find examples of how to configure rkhunter to ignore those if needed.
     

Share This Page