From owner-freebsd-stable@FreeBSD.ORG Wed Jun 11 11:07:05 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 132CB181 for ; Wed, 11 Jun 2014 11:07:05 +0000 (UTC) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smtp.fagskolen.gjovik.no", Issuer "Fagskolen i Gj??vik" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 9884B29F4 for ; Wed, 11 Jun 2014 11:07:04 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.9/8.14.9) with ESMTP id s5BB6vsv051502 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 11 Jun 2014 13:06:57 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.9/8.14.9/Submit) with ESMTP id s5BB6vm0051499 for ; Wed, 11 Jun 2014 13:06:57 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Wed, 11 Jun 2014 13:06:57 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: FreeBSD stable Subject: security/rkhunter 1.4.2 and fdescfs mounted on /dev/fd Message-ID: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 11:07:05 -0000 Just another heads-up. With security/rkhunter 1.4.2 and fdescfs mounted on /dev/fd, I was forced to change SCAN_MODE_DEV from THOROUGH to LAZY. Otherwise rkhunter would complain about missing file descriptors, typically it would whine about /dev/fd/3 and .../4. I tried a number of different settings, but none of them worked. If anyone comes up with a better solution, please speak up. shells/bash more or less requires fdescfs mounted on /dev/fd, in case someone wondered. -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestøl, | Trond Endrestøl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjøvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ From owner-freebsd-stable@FreeBSD.ORG Wed Jun 11 13:03:21 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 296308B2 for ; Wed, 11 Jun 2014 13:03:21 +0000 (UTC) Received: from smtp.pobox.com (smtp.pobox.com [208.72.237.35]) by mx1.freebsd.org (Postfix) with ESMTP id E7E8C24ED for ; Wed, 11 Jun 2014 13:03:20 +0000 (UTC) Received: from smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp0.pobox.com (Postfix) with ESMTP id A379E1AFF3 for ; Wed, 11 Jun 2014 09:03:12 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from:to :subject:message-id:references:mime-version:content-type :in-reply-to; s=sasl; bh=tOrmqVJNaposhwv2ayspv/fJXSY=; b=at1Oa48 9VtKlNy2awDUsRvlOyB++Sx16TzMtnS1RjFem81AKAjT2XFMeI5rDjBwjLrEY3m2 ygOMCLdM70Krl4FXXEsb/RQNyxU1yEXakHewYeTjyK7qtZ99B2/7puzOc+c+8kQU zvPtZ8Kvzp+w3sWBvTDTujqP5p4ei5FuWSjA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:from:to :subject:message-id:references:mime-version:content-type :in-reply-to; q=dns; s=sasl; b=eKSKrsvt3raLLGXLn05MB2CjJZsHr83wO aGBerEgpNnvMiilm6EKz89tJ2KfFngaOSd99srHmIo+JQv4Va3kCaPd8dZqn3Kqc yfPbpU9RL37KWs+kIBjxCw+S8ZeyIpKDP2qH2K04Hb/XVlEIzP358zcGXvBw7TLR bUoCZKnEPM= Received: from pb-smtp0.int.icgroup.com (unknown [127.0.0.1]) by pb-smtp0.pobox.com (Postfix) with ESMTP id 786CE1AFF2 for ; Wed, 11 Jun 2014 09:03:12 -0400 (EDT) Received: from localhost (unknown [50.90.2.70]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pb-smtp0.pobox.com (Postfix) with ESMTPSA id 8D2551AFF0 for ; Wed, 11 Jun 2014 09:03:08 -0400 (EDT) Date: Wed, 11 Jun 2014 09:03:07 -0400 From: Chris Nehren To: freebsd-stable@freebsd.org Subject: Re: security/rkhunter 1.4.2 and fdescfs mounted on /dev/fd Message-ID: <20140611130307.GA62128@behemoth> Mail-Followup-To: freebsd-stable@freebsd.org References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Pobox-Relay-ID: BC18C544-F168-11E3-BE69-9903E9FBB39C-49531120!pb-smtp0.pobox.com X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 13:03:21 -0000 --4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 11, 2014 at 13:06:57 +0200, Trond Endrest=F8l wrote: > shells/bash more or less requires fdescfs mounted on /dev/fd, in case=20 > someone wondered. What kinds of things fail when this isn't the case? I've not heard of or seen any issues with shells/bash and I don't have fdescfs mounted. --=20 Chris Nehren --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJbBAABAgBFBQJTmFOLPhSAAAAAABUAIHBrYS1hZGRyZXNzQGdudXBnLm9yZ2Nu ZWhyZW4rZnJlZWJzZC1zdGFibGVAcG9ib3guY29tAAoJEBHA+GJAM0vPEbQP/14H DTSo90yHHermiEEKlyZtP44pQdE2Ed0d977PfTVACdRJRJPxcVwT6kYra519xig4 IG7vC4wYy8Slny6fXIuilWh5AqOy9wJsYMp5TzlYt+dr2B/cn/CW+podQiMcdvrl 0RigrYLIeVUyU3b6I0pHaRgDTikkDs9yi8JbeKaJTtyFCewZukt2xU2uJoLWgSgd dC4wwHvQT3q2xCR/4Ep4lMthxGutSN5bJYOxQudqIEFGtMD90kcTEpZDojATOjgH H1+5hgHGWNz7eoftiVwwr143r2dNgy/f5KE1jNi7vEf+7Oehsr6b1japtpUAnfCr okXlqYj5azCpaQto8jvO3fovViB8s2mtnpacgcfd1t03mkp0cTkv8q4L02QsuRPM pHi0yj4Mm41BDEdAymoHwvVhDEeveNLd3BybUBIeU8tsSI4w+FYhONk3vccp3iTX Pp6rQq89UyRZ3DwmtSOEXaMjLen5tJqVKehouXnl7LeMrFQJ+GndIa5MVLQH17Yr Ub36cYIRCEs7xE54lihiuSJ8cUwMKmmuvss4FIIAj3yDK6v2K7kj30ao0ev7pQJN zxfyTLCvO7xzu5a/zjo74sbb9wd0hi5xbZ+7tZm5IMfzzJMSzUtMZT02s6YU4lIn DJvGA9uv33HlPJr/pOTM33CowCw2mqvk7omnmgTR =y0Ci -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY--