Operating System & Version
CENTOS 7.8
cPanel & WHM Version
v90.0.15

martin MHC

cPanel Access Level
Root Administrator
I have a rootkit hunter (rkhunter) installed on my server.
This morning it has come up with a notice that two files have changed from their originals:

Code:
 /usr/bin/locate
Issue:
"The file permissions have changed"
"The file group has changed"

and

Code:
 /usr/bin/su
Issue:
"The file permissions have changed"

***

Due to the nature of what 'su' does, and to some extent the same for 'locate', I want to double check reasons for this noted change.


So I am now trying to tick off options for what causes these changes to narrow down the results (and hopefully whitelist these changes on future rkhunter runs). Does WHM make these changes, and did WHM make these changes in the last couple of days (i.e. from 12th October 2020)? No WHM system updates have been recently noted.

Cheers
 

ffeingol

cPanel Access Level
DataCenter Provider
In general, the answer will be 'yes', but it depends on your configuration. The daily upcp process will apply cPanel/WHM updates and also perform a yum update to apply any OS level updates. You can check /var/log/yum.log to see if packages that contain those binaries were updated recently.
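The check suggested in the reply above, as an added example that is not part of the original thread: it maps a flagged binary to its owning RPM, lists that package's entries in yum.log, and verifies the file against the RPM database. The function names and the sample log lines (including the package versions and the `mlocate-extras` package) are constructed for illustration.

```shell
#!/bin/sh
# Added example: correlate rkhunter "file properties changed" warnings with yum activity.

# Constructed sample in the CentOS 7 yum.log layout: "Mon DD HH:MM:SS Action: [epoch:]name-ver-rel.arch"
sample_yum_log() {
    cat <<'EOF'
Oct 12 02:14:07 Updated: util-linux-2.23.2-63.el7.x86_64
Oct 12 02:14:09 Updated: 1:mlocate-0.26-8.el7.x86_64
Oct 12 02:14:10 Installed: mlocate-extras-1.0-1.el7.x86_64
Oct 13 02:10:00 Updated: libblkid-2.23.2-63.el7.x86_64
EOF
}

# Print Installed/Updated entries for the named packages.
# $1 = path to yum.log, remaining arguments = package names without version.
yum_log_changes() {
    log=$1; shift
    for pkg in "$@"; do
        awk -v p="$pkg" '
            ($4 == "Installed:" || $4 == "Updated:") {
                n = $5
                sub(/^[0-9]+:/, "", n)      # drop an epoch prefix such as "1:"
                # Require "name-<digit>" so "mlocate" does not match "mlocate-extras".
                if (index(n, p "-") == 1 && substr(n, length(p) + 2, 1) ~ /[0-9]/) print
            }' "$log"
    done
}

# On the server: resolve the owning package of a flagged path, show its yum
# history, then compare the file on disk with the RPM database.
# $1 = flagged path, $2 = yum log (defaults to /var/log/yum.log).
check_flagged_file() {
    path=$1; log=${2:-/var/log/yum.log}
    pkg=$(rpm -qf --queryformat '%{NAME}\n' "$path") || return 1
    echo "== $path is owned by $pkg"
    yum_log_changes "$log" "$pkg"
    # rpm -V is silent when the file matches the package metadata; in its
    # flag column "M" means the mode differs and "G" means the group differs.
    rpm -Vf "$path" | grep -F " $path" || echo "rpm -V: $path matches package metadata"
}
```

On the server, `check_flagged_file /usr/bin/su` and `check_flagged_file /usr/bin/locate` cover the two paths rkhunter reported. A yum.log entry dated just before the warning, together with a clean `rpm -V` result, points to a package update as the source of the changed properties.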