Devuan bug report logs -
#292
eudev causes false postive in rkhunter
Full log
🔗
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
This is an automatic notification regarding your bug report
which was filed against the eudev package:
#292: eudev causes false postive in rkhunter
It has been closed by Svante Signell <svante.signell@gmail.com> (reply to svante.signell@gmail.com).
Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Svante Signell <svante.signell@gmail.com> (reply to svante.signell@gmail.com) by
replying to this email.
--
292: https://bugs.devuan.org/cgi/bugreport.cgi?bug=292
Devuan Bug Tracking System
Contact owner@bugs.devuan.org with problems
[Message part 2 (message/rfc822, inline)]
Fixed by eudev-3.2.9-1, closing.
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
Package: eudev
Version: 3.2.7-5
Severity: normal
The eudev init script names it's pid file udev.pid and causes a false
positive in rkhunter:
Warning: Checking for possible rootkit files and directories [ Warning ]
Found file '/var/run/udev.pid'. Possible rootkit: xorddos component
Changing the init file to use the pid name of eudev.pid fixes the
problem.
-- Package-specific info:
-- System Information:
Distributor ID: Devuan
Description: Devuan GNU/Linux 10 (n/a)
Release: 10
Codename: n/a
Architecture: x86_64
Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US), LANGUAGE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages eudev depends on:
ii adduser 3.118
ii debconf 1.5.70
ii libblkid1 2.32.1-0.1+devuan2.1
ii libc6 2.28-6
ii libeudev1 3.2.7-5
ii libkmod2 25-2
ii libselinux1 2.8-1+b1
ii lsb-base 9.20160110
ii procps 2:3.3.11-3
ii util-linux 2.32.1-0.1+devuan2.1
eudev recommends no packages.
eudev suggests no packages.
-- Configuration Files:
/etc/init.d/eudev changed:
PATH="/sbin:/bin"
NAME="udevd"
DAEMON="/sbin/udevd"
DESC="hot-plug events dispatcher"
PIDFILE="/run/eudev.pid"
CTRLFILE="/run/udev/control"
OMITDIR="/run/sendsigs.omit.d"
unmount_devpts() {
if mountpoint -q /dev/pts/; then
umount -n -l /dev/pts/
fi
if mountpoint -q /dev/shm/; then
umount -n -l /dev/shm/
fi
}
mount_devtmpfs() {
if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
mount -n -o remount,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev
return
fi
if ! mount -n -o size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then
log_failure_msg "udev requires devtmpfs support, not started"
log_end_msg 1
fi
return 0
}
create_dev_makedev() {
if [ -e /sbin/MAKEDEV ]; then
ln -sf /sbin/MAKEDEV /dev/MAKEDEV
else
ln -sf /bin/true /dev/MAKEDEV
fi
}
move_udev_database() {
[ -e "/dev/.udev/" ] || return 0
[ ! -e /run/udev/ ] || return 0
[ -e /run/ ] || return 0
mountpoint -q /run/ || return 0
mv /dev/.udev/ /run/udev/ || true
}
supported_kernel() {
case "$(uname -r)" in
2.[012345].*|2.6.[0-9]|2.6.[0-9][!0-9]*) return 1 ;;
2.6.[12][0-9]|2.6.[12][0-9][!0-9]*) return 1 ;;
2.6.3[0-1]|2.6.3[0-1][!0-9]*) return 1 ;;
esac
return 0
}
my_tty() {
[ -x /bin/readlink ] || return 0
[ -e /proc/self/fd/0 ] || return 0
readlink --silent /proc/self/fd/0 || true
}
warn_if_interactive() {
if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then
return
fi
TTY=$(my_tty)
if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then
return
fi
printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n"
printf "has been run from an interactive shell.\n"
printf "It will probably not do what you expect, so this script will wait\n"
printf "60 seconds before continuing. Press ^C to stop it.\n"
printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n"
sleep 60
}
make_static_nodes() {
[ -e /lib/modules/$(uname -r)/modules.devname ] || return 0
[ -x /bin/kmod ] || return 0
/bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \
while read type name mode uid gid age arg; do
[ -e $name ] && continue
case "$type" in
c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;;
d|d!) mkdir $name ;;
*) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;;
esac
if [ -x /sbin/restorecon ]; then
/sbin/restorecon $name
fi
done
}
[ -x $DAEMON ] || exit 0
tmpfs_size="10M"
if [ -e /etc/udev/udev.conf ]; then
. /etc/udev/udev.conf
fi
. /lib/lsb/init-functions
if ! supported_kernel; then
log_failure_msg "udev requires a kernel >= 2.6.32, not started"
log_end_msg 1
fi
if [ ! -e /proc/filesystems ]; then
log_failure_msg "udev requires a mounted procfs, not started"
log_end_msg 1
fi
if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
log_failure_msg "udev requires devtmpfs support, not started"
log_end_msg 1
fi
if [ ! -d /sys/class/ ]; then
log_failure_msg "udev requires a mounted sysfs, not started"
log_end_msg 1
fi
if ! ps --no-headers --format args ax | egrep -q '^\['; then
log_warning_msg "udev does not support containers, not started"
exit 0
fi
if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \
[ -e /sys/block -a ! -e /sys/class/block ]; then
log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected"
log_warning_msg "Booting will continue in 30 seconds but many things will be broken"
sleep 30
fi
case "$1" in
start)
if mountpoint -q /dev/; then
TMPFS_MOUNTED=1
elif [ -e "/dev/.udev/" ]; then
log_warning_msg ".udev/ already exists on the static /dev"
fi
if [ ! -e "/dev/.udev/" -a ! -e "/run/udev/" ]; then
warn_if_interactive
fi
if [ -w /sys/kernel/uevent_helper ]; then
echo > /sys/kernel/uevent_helper
fi
move_udev_database
if [ -z "$TMPFS_MOUNTED" ]; then
unmount_devpts
mount_devtmpfs
[ -d /proc/1 ] || mount -n /proc
fi
make_static_nodes
# clean up parts of the database created by the initramfs udev
udevadm info --cleanup-db
# set the SELinux context for devices created in the initramfs
[ -x /sbin/restorecon ] && /sbin/restorecon -R /dev
log_daemon_msg "Starting $DESC" "$NAME"
if start-stop-daemon --start $NAME --user root --quiet \
--pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then
# prevent udevd to be killed by sendsigs (see #261 & DEBIAN #791944)
mkdir -p $OMITDIR/$NAME
ln -sf $PIDFILE $OMITDIR/$NAME
log_end_msg $?
else
log_warning_msg $?
log_warning_msg "Waiting 15 seconds and trying to continue anyway"
sleep 15
fi
log_action_begin_msg "Synthesizing the initial hotplug events"
if udevadm trigger --action=add; then
log_action_end_msg $?
else
log_action_end_msg $?
fi
create_dev_makedev
# wait for the udevd childs to finish
log_action_begin_msg "Waiting for /dev to be fully populated"
if udevadm settle; then
log_action_end_msg 0
else
log_action_end_msg 0 'timeout'
fi
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
if start-stop-daemon --stop --name $NAME --user root --quiet \
--pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
# prevents cryptsetup/dmsetup hangs ( see #261 & Debian bug #791944 )
rm -f $CTRLFILE
log_end_msg $?
else
log_end_msg $?
fi
;;
restart)
log_daemon_msg "Stopping the hotplug events dispatcher" "udevd"
if start-stop-daemon --stop --name udevd --user root --quiet \
--pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
# prevents cryptsetup/dmsetup hangs ( see #261 & Debian bug #791944 )
rm -f $CTRLFILE
log_end_msg $?
else
log_end_msg $? || true
fi
log_daemon_msg "Starting $DESC" "$NAME"
if start-stop-daemon --start $NAME --user root --quiet \
--pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then
# prevent udevd to be killed by sendsigs (see #261 & DEBIAN #791944)
mkdir -p $OMITDIR/$NAME
ln -sf $PIDFILE $OMITDIR/$NAME
log_end_msg $?
else
log_end_msg $?
fi
;;
reload|force-reload)
udevadm control --reload-rules
;;
status)
status_of_proc $DAEMON $NAME && exit 0 || exit $?
;;
*)
echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2
exit 1
;;
esac
exit 0
-- no debconf information
[udev-database.txt (text/plain, attachment)]
Send a report that this bug log contains spam.