rkhunter warn me after a "sudo firecfg" #5234
-
|
Hello, Is that normal that all those binary are modified after a "sudo firecfg" ? Why ?
Thx for your help :) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
The binaries itself are installed under TL;DR: Totally normal. You can check if you can configure rkhunter to skip |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your answer, have a nice day. |
Beta Was this translation helpful? Give feedback.
-
|
FYI #5236 |
Beta Was this translation helpful? Give feedback.
The binaries itself are installed under
/usr/binand do not get modified. What happens here is that firecfg creates symlinks to firejail which the names of the binaries in a directory in$PATHwith a higher order than/usr/bin(read it's documentation for more details) so you executefirejailinstead ofsshif you typessh.firejailthen detects that it was started through a symlink namedsshand startssshin a sandbox.TL;DR: Totally normal.
You can check if you can configure rkhunter to skip
/usr/local/binto check the actual binaries.