Today I added rkhunter to check for Rootkits. There is a Debian version of this which installs fine using
apt-get install rkhunter
The package installs rkhunter into /usr/bin
The instructions here are good –> https://sourceforge.net/p/rkhunter/wiki/install/ but need to be followed carefully.
I did also install skdet and unhide as suggested. Again the instructions work just fine. I had some trouble with the patch command for skdet but only as I typed -pl and not -p1 (a 1 not an l)!
The tests all worked fine and nothing was found.
Config files are in /etc/rkhunter.conf
The package comes with a cron.daily job in /etc/cron.daily which pulls in some default values from /etc/default/rkhunter. So this file needs to be updated to make the cron job do anything.
and this is where the trouble started……
This job uses sendmail. So you would think, well I did, to install sendmail. I did without looking at the dependencies and it wipes out Openmediavault! Ekkk!
So 36 hours later we are running again! It corrupted the system on a reboot and networking did not work.
Eventually I worked out that sendmail did not uninstall correctly and OMV did not install correctly. The Linux prompts help, but the key was reloading OMV Extras. Nothing worked except apt-get clean followed by a load using
wget -O - http://omv-extras.org/install | bash
which I got from the OMV Extras site here…. http://omv-extras.org/joomla/index.php/guides
(Interesting, I just noticed they are using Joomla!)
I needed to remove some packages using apt-get purge after checking what they were using dpkg -l | grep openm.
At last working OK. Note some editing is needed on /etc/openmediavault/config.xml to remove old entries which cause errors. The clever .xml records what should be in OMV, which is fine until things go wrong! Also read the developers guide for info on how to edit the xml without actually accessing the file directly.
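
A pre-flight check for the sendmail install step described above, as an added example that is not part of the original post: it reads `apt-get -s` (simulate) output and refuses the install if a protected package would be removed. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): look at what apt would REMOVE
# before letting an install go ahead.

# Constructed sample of `apt-get -s install sendmail` output so the parsing
# can be tried offline; real output on your system will differ.
SAMPLE_SIM='Reading package lists...
Building dependency tree...
The following packages will be REMOVED:
  openmediavault postfix
The following NEW packages will be installed:
  sendmail sendmail-base
Remv openmediavault [constructed-version]
Remv postfix [constructed-version]
Inst sendmail-base (constructed-version Debian:stable [all])
Inst sendmail (constructed-version Debian:stable [all])
Conf sendmail (constructed-version Debian:stable [all])'

# Read simulation output on stdin, print one removed package name per line.
# apt marks removals with a leading "Remv"; any ":arch" suffix is stripped.
removed_packages() {
    awk '$1 == "Remv" { sub(/:.*/, "", $2); print $2 }'
}

# Read simulation output on stdin; $1 is an extended regex that must match a
# whole package name. Returns 1 if any matching package would be removed.
check_removals() {
    protected="$1"
    hits=$(removed_packages | grep -E -x "$protected" || true)
    if [ -n "$hits" ]; then
        echo "refusing: install would remove:" $hits >&2
        return 1
    fi
    return 0
}

# Hypothetical wrapper: simulate first, install only if nothing protected
# would be removed. Usage: safe_install 'openmediavault.*' sendmail
safe_install() {
    protected="$1"; shift
    LC_ALL=C apt-get -s install "$@" | check_removals "$protected" || return 1
    apt-get install "$@"
}
```

The simulation step does not change the system, so `apt-get -s install <package>` on its own is also worth reading by eye before any install on an appliance-style system such as OMV.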
