rkhunter
报道称
[17:15:45] Checking for hidden files and directories [ Warning ]
[17:15:45] Warning: Hidden file found: /etc/.updated: ASCII text
[17:15:45] Warning: Hidden file found: /usr/share/man/man5/.k5identity.5.gz: gzip compressed data, max compression, from Unix, truncated
[17:15:45] Warning: Hidden file found: /usr/share/man/man5/.k5login.5.gz: gzip compressed data, max compression, from Unix, truncate
查看文件
vorac@msi:/usr/share/man/man5$ ll .k5*
-rw-r--r-- 1 root root 42 Nov 13 20:07 .k5identity.5.gz
-rw-r--r-- 1 root root 39 Nov 13 20:07 .k5login.5.gz
vorac@msi:/usr/share/man/man5$ file .k5*
.k5identity.5.gz: gzip compressed data, max compression, from Unix, truncated
.k5login.5.gz: gzip compressed data, max compression, from Unix, truncated
vorac@msi:/usr/share/man/man5$ pacman -F .k5*
core/krb5 1.19.2-2 [installed]
usr/share/man/man5/.k5identity.5.gz
core/krb5 1.19.2-2 [installed]
usr/share/man/man5/.k5login.5.gz
这些可能是恶意的吗?
答案1
/etc/.updated
使用的是systemd-update-done.service
并按/usr/share/man/man5/
计划man
。
您可以ALLOWHIDDENFILE=/path/to/hidden/file
在配置中使用来禁用 rkhinter 警告。