rkhunter update fails "Invalid WEB_CMD configuration option"
I found that rkhunter v1.4.2 on Debian stretch and after upgrading to rkhunter v1.4.4 on Ubuntu 17.10 have a strange problem that I cannot perform an update. In both instances I receive the following:
$ sudo rkhunter --versioncheck Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
$ sudo rkhunter --update Invalid WEB_CMD configuration option: Relative pathname: "/bin/false"
A search around the net shows that this was an intentional change in the last point release which included an update for rkhunter
as well. It is due to #866677.
In searching for a resolution, I first attempted to remove /bin/false
from the WEB_CMD in the rkhunter.conf
but this resulted in another issue where updates would fail:
$ sudo rkhunter --update [ Rootkit Hunter version 1.4.2 ] Checking rkhunter data files... Checking file mirrors.dat [ Skipped ] Checking file programs_bad.dat [ Update failed ] Checking file backdoorports.dat [ Update failed ] Checking file suspscan.dat [ Update failed ] Checking file i18n versions [ Update failed ]
In digging a little into the rkhunter source (https://sourceforge.net/projects/rkhunter/files/) and an older configuration file on my system I found the following differences:
$ diff /etc/rkhunter.conf /etc/rkhunter.conf.dpkg-dist 108c107 < UPDATE_MIRRORS=0 --- > #UPDATE_MIRRORS=1 124c122 < MIRRORS_MODE=1 --- > #MIRRORS_MODE=0 325c323 < WEB_CMD="/bin/false" --- > WEB_CMD=""
Therefore, all I needed to do is to replace the following entries in the /etc/rkhunter.conf
file
Old value | New value |
---|---|
UPDATE_MIRRORS=0 | UPDATE_MIRRORS=1 |
MIRRORS_MODE=1 | MIRRORS_MODE=0 |
WEB_CMD="/bin/false" | WEB_CMD="" |
After the changes, running rkhunter
updates are now successful:
$ sudo rkhunter --versioncheck [ Rootkit Hunter version 1.4.2 ] Checking rkhunter version... This version : 1.4.2 Latest version: 1.4.2
$ sudo rkhunter --update [ Rootkit Hunter version 1.4.2 ] Checking rkhunter data files... Checking file mirrors.dat [ No update ] Checking file programs_bad.dat [ No update ] Checking file backdoorports.dat [ No update ] Checking file suspscan.dat [ No update ] Checking file i18n versions [ Skipped ]
This fix also works for rkhunter
v1.4.4