diff options
author | Eugeni Dodonov <eugeni@mandriva.org> | 2010-01-28 15:01:26 +0000 |
---|---|---|
committer | Eugeni Dodonov <eugeni@mandriva.org> | 2010-01-28 15:01:26 +0000 |
commit | 5355ea91d27c3345814bcdc4eddb8f1a60ab4279 (patch) | |
tree | 8de7f0d9861f00f0499d000b36cbefa8a670df93 | |
parent | 59b2a57559596385343f3b9dae5557b46a514efc (diff) | |
download | msec-5355ea91d27c3345814bcdc4eddb8f1a60ab4279.tar msec-5355ea91d27c3345814bcdc4eddb8f1a60ab4279.tar.gz msec-5355ea91d27c3345814bcdc4eddb8f1a60ab4279.tar.bz2 msec-5355ea91d27c3345814bcdc4eddb8f1a60ab4279.tar.xz msec-5355ea91d27c3345814bcdc4eddb8f1a60ab4279.zip |
- check if chkrootkit was removed and send a warning otherwise, and also check if chkrootkit was installed
before sending diff, fixing #51309
-rwxr-xr-x | cron-sh/scripts/04_rootkit.sh | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/cron-sh/scripts/04_rootkit.sh b/cron-sh/scripts/04_rootkit.sh index c1c8503..8060343 100755 --- a/cron-sh/scripts/04_rootkit.sh +++ b/cron-sh/scripts/04_rootkit.sh @@ -15,6 +15,9 @@ CHKROOTKIT_DIFF="/var/log/security/chkrootkit.diff" if [[ -f ${CHKROOTKIT_TODAY} ]]; then mv ${CHKROOTKIT_TODAY} ${CHKROOTKIT_YESTERDAY}; + if [ ! -x /usr/sbin/chkrootkit ]; then + printf "\nSecurity Warning: chkrootkit is enabled but was uninstalled\n" >> ${CHKROOTKIT_DIFF} + fi fi ### chkrootkit checks @@ -41,6 +44,7 @@ fi ### Changed chkrootkit if [[ ${CHECK_CHKROOTKIT} == yes ]]; then - Diffcheck ${CHKROOTKIT_TODAY} ${CHKROOTKIT_YESTERDAY} ${CHKROOTKIT_DIFF} "chkrootkit results" + if [ -x /usr/sbin/chkrootkit ]; then + Diffcheck ${CHKROOTKIT_TODAY} ${CHKROOTKIT_YESTERDAY} ${CHKROOTKIT_DIFF} "chkrootkit results" + fi fi - |