Gentoo Archives: gentoo-user

From: Dale <rdalek1967@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] rkhunter reports xorddos component
Date: Wed, 27 Feb 2019 15:54:08
Message-Id: 99a28603-482a-ddce-de0e-1325d225d96c@gmail.com
In Reply to: Re: [gentoo-user] rkhunter reports xorddos component by Mick
1 Mick wrote:
2 > On Wednesday, 27 February 2019 13:50:58 GMT Dale wrote:
3 >
4 >> Little info here. I don't run systemd here but I also have that file.
5 > I checked on a non-gentoo systemd based distro and this file is not there. It
6 > seems it is related to sys-fs/udev-init-scripts.
7
8 I mentioned that so that systemd can be eliminated as a cause.  It has
9 to be related to something besides that.  Most likely, the udev thingy. 
10 lol 
11
12
13 >
14 >> I checked with equery b but obviously nothing owns it since it is a pid
15 >> file generated when udev or something starts. This is my versions of
16 >> udev, dbus and other friends:
17 >>
18 >>
19 >> root@fireball / # equery list *udev* dbus
20 >> * Searching for *udev* ...
21 >> [IP-] [ ] dev-libs/libgudev-232:0/0
22 >> [IP-] [ ] sys-fs/eudev-3.2.5:0
23 >> [IP-] [ ] sys-fs/udev-init-scripts-33:0
24 >> [IP-] [ ] virtual/libgudev-232:0/0
25 >> [IP-] [ ] virtual/libudev-232:0/1
26 >> [IP-] [ ] virtual/udev-217:0
27 >>
28 >> * Searching for dbus ...
29 >> [IP-] [ ] sys-apps/dbus-1.10.24:0
30 >> root@fireball / #
31 > My versions are more recent than yours, although sys-fs/udev-init-scripts-33:0
32 > are the same. I think this is what's bringing this PID file in /run/.
33 >
34 > False positive me thinks, which is not a first for rkhunter.
35 >
36 > Thanks Dale for letting me know.
37
38
39 More than happy to help.  We compare enough, we'll get to the bottom of
40 it eventually. 
41
42 Dale
43
44 :-)  :-)