2

I have an Ubuntu 18.04 system running with rkhunter installed. I keep getting warnings in the rkhunter.log after unattended-upgrades has upgraded the system.

The solution to this would be running rkhunter --propupd after every automatic upgrade.

I found this which mentions /etc/apt/apt.conf.d/90rkhunter, however, this file doesn't exist on my system.

How can I make sure rkhunter --propupd is being executed after unattended-upgrades are done?

Panki
  • 6,221
  • 2
  • 24
  • 33
  • 1
    You might as well not use `rkhunter` if you're just going to blindly update its signatures at regular intervals. – eleventyone Aug 17 '20 at 11:35
  • @eleventyone it is simply not feasible to investigate the rkhunter logs on hundreds of servers every day. It is expected that `apt` changes signatures. I don't need warnings for something I'm aware that's happening. – Panki Aug 17 '20 at 11:38

1 Answers1

1

/etc/apt/apt.conf.d/90rkhunter ships as part of the rkhunter package, so it must have been removed (and the package will not put it back because it is configuration data). You can download the package and extract its files with dpkg-deb to get a clean copy and see what you're missing.

eleventyone
  • 777
  • 3
  • 14