Pak Jiddat

Read: In the name of thy Lord Who createth, Createth man from a clot. Read: And thy Lord is the Most Bounteous, Who teacheth by the pen, Teacheth man that which he knew not. Nay, but verily man is rebellious That he thinketh himself independent!. Lo! unto thy Lord is the return. (Sura Alalaq 96:8)

Whitelisting devices and files for RKhunter

Created On: 14 Apr, 2017: 10:24:54 - Tags : security


Some programs like postgresql create virtual memory devices under /dev/. RKhunter may raise warnings for these devices. To whitelist a device under dev the ALLOWDEVFILE directive can be used. Ths value of this directive is a single device path. Wildcard (*) may be used inside the device path. Multiple instances of the ALLOWDEVFILE directive are allowed.

Some programs such as Odoo ERP can update your /etc/passwd and /etc/group files. RKhunter may report a warning for these file changes. To whitelist the file the RTKT_FILE_WHITELIST directive can be used. The value of this directive is the full path to the file to be whitelisted. If certain strings within the file need to be whitelisted, then the string name can be appended to the file path, with a colon before the string. e.g RTKT_FILE_WHITELIST=/etc/passwd:postgres will whitelist the postgres user entry inside /etc/passwd file

Related Articles

  1. PrivateTmp systemd option prevents access to tmp folder
  2. Generating free SSL certificate from LetsEncrypt on localhost
  3. INADEQUATE_SECURITY - SSL Cipher problems with HTTP2
  4. Preventing spam messages with Contact Form 7 WordPress plugin
  5. Generate Certificate Signing Request (CSR) for ssl certificates
  6. Making cross domain Ajax calls using JSONP
  7. Using Oauth2l
  8. Use of Preflight request in HTTP Cross Origin Resourse Sharing (CORS)