I have rkhunter-1.4.4 installed from the quarterly packages build. Running "pkg check -s -g rkhunter" gives the following:
Checking rkhunter: 0%
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/en
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/tr
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/db/i18n/tr.utf8
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/tmp/group
rkhunter-1.4.4: checksum mismatch for /usr/local/var/lib/rkhunter/tmp/passwd
Checking rkhunter: 100%
I had installed rkhunter with port. I had the same result with pkg check, but recompile rkhunter
No! The issue appears again.
FYI: Same warnings on HardenedBSD 11.1 (v1100054) with the latest official packages from their repo.
I've noticed this as well (and had hoped it would be fixed soon, but apparently it does not affect all people?). Also `rkhunter --update` now seems to fail. I already tried rebuilding the port, but to no avail.
(In reply to Peter Putzer from comment #4)
OK, the update problem is due to SourceForge being down, but the checksum mismatch is still a thing :(
Should solved with update to 1.4.6 => bug #227837.
(In reply to w.schwarzenfeld from comment #6)
I'm not convinced that 1.4.6 will fix this permanently, because the problems are in the port.
There are two different problems:
1) The files in /usr/local/var/lib/rkhunter/db/i18n/ can updated by the --update option. If you want to include them in the pkg, then I think they should be handled using @sample in the pkg-plist like mirrors.dat (and renamed to *.sample in the do-install part of the Makefile).
2) The files in /usr/local/var/lib/rkhunter/tmp/passwd and /usr/local/var/lib/rkhunter/tmp/group are updated when rkhunter is run, so should not be copied into the pkg. I think pkg-plist should be changed to replace
by something like
@postexec cp /etc/passed %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true
@postunexec rm -f %D/var/lib/rkhunter/tmp/passwd 2> /dev/null || true
and ditto for var/lib/rkhunter/tmp/group.
You are right, I change it in the other PR: