Rkhunter /usr/bin/unhide.rb has been replaced by /usr/bin/unhide.rb

04 Jul 2013

Posted in: technology. Tagged: linux, ruby, security

I have recently moved over to Rootkit Hunter (rkhunter) instead of using fcheck, one issue that I encountered on all our Ubuntu servers was the error:

Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script

Googling confirmed that this error was normal on Ubuntu systems, but I found no solution. Fortunately the solution was simple, simply editing /etc/rkhunter.conf and adding the following line at the appropriate place:

SCRIPTWHITELIST=/usr/bin/unhide.rb

chrisjrob

Rkhunter /usr/bin/unhide.rb has been replaced by /usr/bin/unhide.rb

Related Posts

Fixing SVG Files in DokuWiki 27 Jan 2022

Fixing Album Art in SONOS Under Linux 23 Sep 2018

Windows 10 Black Screen After Remote Desktop 21 Nov 2017