/etc/cron.daily/01-rkhunter Log Error

daley

/etc/cron.daily/01-rkhunter Log Error

« on: March 19, 2007, 05:23:28 PM »

Hi,

This is my new smeserver7.1.2 box setup, can someone help me to address this error log.

Is it something that i have missed out in my configuration? Please help.

Thanks,
Daley

Subject: Cron <root@ns1> run-parts /etc/cron.daily
/etc/cron.daily/01-rkhunter:

Determining OS... Warning: This operating system is not fully supported!
Checking for allowed root login... Watch out Root login possible. Possible risk!
-----------------------------------------------------------------

Found warnings:
[04:02:05] Warning: This operating system is not fully supported!
[04:11:17] Warning: root login possible. Change for your safety the 'PermitRootLogin'

-----------------------------------------------------------------

If you're unsure about the results above, please contact the
Rootkit Hunter team through the Rootkit Hunter mailinglist
at rkhunter-users@lists.sourceforge.net.
Some errors has been found while checking. Please perform a manual check on this machine (ns1)
/etc/cron.daily/0check4updates:

Cannot open/read repomd.xml file for repository: smeaddons
failure: repodata/repomd.xml from smeaddons: [Errno 256] No more mirrors to try.
Error: failure: repodata/repomd.xml from smeaddons: [Errno 256] No more mirrors to try.
/etc/cron.daily/conf-mod_ssl:

ERROR in /etc/e-smith/templates//home/e-smith/ssl.crt: Program fragment delivered error <<ERROR: Date::Manip unable to determine TimeZone.
at /usr/lib/perl5/vendor_perl/5.8.5/Date/Manip.pm line 3495
Date::Manip::Date_TimeZone called at /usr/lib/perl5/vendor_perl/5.8.5/Date/Manip.pm line 661
Date::Manip::Date_Init() called at /usr/lib/perl5/vendor_perl/5.8.5/Date/Manip.pm line 1395
Date::Manip::ParseDate('Mar 15 17:53:31 GMT 2008\x{a}') called at /etc/e-smith/templates//home/e-smith/ssl.crt line 21
eval 'package esmith::__TEMPLATE__::3; ;
#line 1 /etc/e-smith/templates//home/e-smith/ssl.crt

use constant KEYLIFEINDAYS => 365;
use Date::Manip;
use Cwd;
my $here = getcwd;

my $FQDN = "$SystemName.$DomainName";
my $crt = "/home/e-smith/ssl.crt/$FQDN.crt";
my $key = "/home/e-smith/ssl.key/$FQDN.key";
my $defaultCity = $ldap{defaultCity};
my $defaultCompany = $ldap{defaultCompany};
my $defaultDepartment = $ldap{defaultDepartment};
my $email = "admin\\@$FQDN";

if ( -f $crt )
{
my $expire = `openssl x509 -enddate -noout -in $crt`;
$expire =~ s/^notAfter=//;
$expire =~ s#(\\d{4}) (\\w{3})#$2 $1#;

if ( Date_Cmp(\'today\', ParseDate($expire)) < 0 ) {
my $expected_issuer = \'/C=--\' .
\'/ST=----\';
$expected_issuer .= \'/L=\' . ($defaultCity ? $defaultCity : \'Newbury\');
$expected_issuer .= \'/O=\' . ($defaultCompany ? $defaultCompany : \'My Company Ltd\');
$expected_issuer .= "/OU=$defaultDepartment" if $defaultDepartment;
$expected_issuer .= "/CN=$FQDN" .
"/emailAddress=$email";
my $issuer = `openssl x509 -issuer -noout -in $crt`;
chomp $issuer;
$issuer =~ s/^issuer= //;
if ($issuer eq $expected_issuer)
{
# Old key file is still good. Read it out - processTemplate will work
# out that it hasn\'t changed, and leave the old one in place
open(C, "$crt") or die "Couldn\'t open crt file: $!";
my @crt = <C>;
chomp @crt;
$OUT = join "\\n", @crt;
close(C);
return;
}
}
}
# go to somewhere private and safe where we can run programs
# as root
unless (-e "/tmp/ssl")
{
mkdir "/tmp/ssl", 0700;
}
chdir "/tmp/ssl" or die "Couldn\'t change to secure directory: $!";

$SIG{ALRM} = sub { die "whoops, $program pipe broke" };

unless (open(SSL,"-|"))
{
my $pid = open(RSACERT, "|-");
if ($pid)
{
# parent

# anonymous sub to crop a variable to a specified size
my $cropLeft = sub {
my ($var, $len) = @_;
if (length($var) > $len)
{
$var = substr($var, 0, $len);
}
return $var;
};

# crop fields that are too long for X509:
$defaultCity = &$cropLeft($defaultCity, 128);
$defaultCompany = &$cropLeft($defaultCompany, 64);
$defaultDepartment = &$cropLeft($defaultDepartment, 64);
$FQDN = &$cropLeft($FQDN, 64);
$email = &$cropLeft($email, 40);

foreach (
"--",
"----",
"$defaultCity",
"$defaultCompany",
"$defaultDepartment",
"$FQDN",
"$email"
)
{
print RSACERT "$_\\n";
}
close(RSACERT) || die "RSACERT kid exited $?";
exit (0);
}
else
{
# child
exec("/usr/bin/openssl",
qw(req -new -key),
$key,
qw(-x509 -days), KEYLIFEINDAYS,
qw(-set_serial), time(),
)
|| die "can\'t exec program: $!";
# NOTREACHED
}
}
while (<SSL>)
{
$OUT .= $_;
}
close(SSL) or die "Closing openssl pipe reported: $!";
chdir $here;
;' called at /usr/lib/perl5/vendor_perl/5.8.5/Text/Template.pm line 319
Text::Template::fill_in('Text::Template=HASH(0x84fed90)', 'HASH', 'ARRAY(0x84f4ca4)', 'PACKAGE', 'esmith::__TEMPLATE__::3', 'BROKEN', 'CODE(0x84e4f98)', 'UNTAINT', 1, ...) called at /usr/lib/perl5/vendor_perl/5.8.5/Text/Template.pm line 382
Text::Template::fill_in_file('/etc/e-smith/templates//home/e-smith/ssl.crt', 'HASH', 'ARRAY(0x84f4ca4)', 'PACKAGE', 'esmith::__TEMPLATE__::3', 'BROKEN', 'CODE(0x84e4f98)', 'UNTAINT', 1, ...) called at /usr/lib/perl5/site_perl/esmith/templates.pm line 528
esmith::templates::processTemplate('HASH(0x8503364)') called at /etc/e-smith/templates//home/e-smith/ssl.pem/40crt line 10
eval 'package esmith::__TEMPLATE__::1; ;
#line 1 /etc/e-smith/templates//home/e-smith/ssl.pem/40crt

my $domain = $DomainName || "localdomain";
my $hostname = $SystemName || "localhost";

my $crt = $modSSL{\'crt\'};
unless ($crt)
{
$crt = "/home/e-smith/ssl.crt/$hostname.$domain.crt";
use esmith::templates;
esmith::templates::processTemplate({
TEMPLATE_PATH => "/home/e-smith/ssl.crt/crt",
OUTPUT_FILENAME => $crt,
});
}
open(CRT, $crt) or die "Could not open crt file: $!";
my @crt = <CRT>;
chomp @crt;
$OUT = join "\\n", @crt;
close CRT;
;' called at /usr/lib/perl5/vendor_perl/5.8.5/Text/Template.pm line 319
Text::Template::fill_in('Text::Template=HASH(0x84e5124)', 'HASH', 'ARRAY(0x8397324)', 'PACKAGE', 'esmith::__TEMPLATE__::1', 'BROKEN', 'CODE(0x84216ac)', 'UNTAINT', 1, ...) called at /usr/lib/perl5/vendor_perl/5.8.5/Text/Template.pm line 382
Text::Template::fill_in_file('/etc/e-smith/templates//home/e-smith/ssl.pem/40crt', 'HASH', 'ARRAY(0x8397324)', 'PACKAGE', 'esmith::__TEMPLATE__::1', 'BROKEN', 'CODE(0x84216ac)', 'UNTAINT', 1, ...) called at /usr/lib/perl5/site_perl/esmith/templates.pm line 528
esmith::templates::processTemplate('HASH(0x8211b2c)') called at /sbin/e-smith/expand-template line 45>> at template line 1
WARNING in /etc/e-smith/templates//home/e-smith/ssl.pem/40crt: ERROR: Template processing failed for //home/e-smith/ssl.crt/ns1.llbm.ath.cx.crt: 1 fragment generated errors
at /etc/e-smith/templates//home/e-smith/ssl.pem/40crt line 10
WARNING: Template processing succeeded for //home/e-smith/ssl.pem/ns1.llbm.ath.cx.pem: 1 fragment generated warnings
at /sbin/e-smith/expand-template line 45
/etc/cron.daily/freshclam:

ERROR: Can't get information about db.local.clamav.net: Temporary DNS error
ERROR: Can't get information about db.local.clamav.net: Temporary DNS error
/etc/cron.daily/logrotate:

error: error accessing /var/log/snort/*: No such file or directory
error: snort:4 glob failed for /var/log/snort/*/*log

Logged

skydivers

178
+0/-0

/etc/cron.daily/01-rkhunter Log Error

« Reply #1 on: March 19, 2007, 06:29:51 PM »

There are already bug reports on this topic in the bug tracker. There's also a solution for this bug, comes with 7.1.3

Sorry, read it to fast, my answer is for the os warning!

Logged

bpivk

908
+0/-0

/etc/cron.daily/01-rkhunter Log Error

« Reply #2 on: March 19, 2007, 07:34:20 PM »

You can find a script for the os warning. Just go to rkhunter sourceforge website and duwnload and run it.

For the second error... About root login: Disable ssh login in remote access part of the server-manager pannel.

The third error has something to do with your custom certificate and you should undo all your work and start from scratch.

Then you have the forth and fifth error which i can't make out heads or tails but it seems you messed up something important.

So fix what you can and then try to resolve the other errors.

Logged

"It should just work" if it doesn't report it. Thanks!