Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 694346 - app-forensics/rkhunter-1.4.6-r1 with sys-apps/keyutils-1.6.1 - rkhunter: Found file '/lib64/libkeyutils.so.1.9'. Possible rootkit: Sniffer component
Summary: app-forensics/rkhunter-1.4.6-r1 with sys-apps/keyutils-1.6.1 - rkhunter: Foun...
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Michael Palimaka (kensington)
URL:
Whiteboard:
Keywords: UPSTREAM
Depends on:
Blocks:
 
Reported: 2019-09-14 08:58 UTC by Alex Efros
Modified: 2019-09-19 09:04 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Efros 2019-09-14 08:58:58 UTC
After updating from sys-apps/keyutils-1.5.9-r4 to 1.6.1:

# cat /var/log/rkhunter.log
...
[08:42:37]     Checking for file '/lib64/libkeyutils.so.1.9' [ Warning ]
...
[08:42:41] Warning: Checking for possible rootkit files and directories [ Warning ]
[08:42:41]          Found file '/lib64/libkeyutils.so.1.9'. Possible rootkit: Sniffer component
...

Virustotal says file clean, so may be false positive.