Richard Möhn wrote:
On Thu, Oct 30, 2008 at 06:01:22AM -0600, Hugo Vanwoerkom wrote:Did mondo backup to DVD + restored to different partition. Now on that different partition rkhunter spits out all sorts of warnings: ... Warning: The file properties have changed: File: /bin/bash Current inode: 472355 Stored inode: 944706 ... How to tell rkhunter:Hey dude, we are on a different partition! Reset all your warnings and start from scratch!Maybe with: rkhunter --propupd I don't know if it will work, but this command seems the best matching in the manpage.
I used the chicken way out: apt-get remove --purge rkhunter apt-get install rkhunter and then got only:Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file. Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file.
Warning: Found enabled inetd service: printer Warning: Found enabled inetd service: /usr/sbin/vmware-authdNote that the first 2 warnings are his own doing: those 2 files were installed when rkhunter was installed.
Hugo