-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 21 November 2003 16:22, Bret Hughes wrote: > you are not running the same thing. > > the [ -f filename ] is a test to see if a file is a regular file and > exists. the -o is an operator to the test function not passed to run. > infact [ is a symbolic link to test Thanks for the education, Bret, I misread to precedence of who owned the switches. > on my fedora test box: > the return code indicates that neither test was true. [agreen@fastcat agreen]$ ll /usr/bin/run - -rwxr-xr-x 1 root root 28380 Sep 26 14:52 /usr/bin/run If I understood you correctly then this is enough to fire the warning? [agreen@fastcat agreen]$ rpm --query --whatprovides /usr/bin/run run-2.0-3 Sure enough when I look at http://download.fedora.redhat.com/pub/fedora/linux/core/1/i386/os/Fedora/RPMS/ I see run-2.0-3.i386.rpm Downloading it and looking in it shows [agreen@fastcat agreen]$ rpm -q --list -p run-2.0-3.i386.rpm warning: run-2.0-3.i386.rpm: V3 DSA signature: NOKEY, key ID 4f2a6fd2 /usr/bin/run /usr/share/doc/run-2.0 /usr/share/doc/run-2.0/README /usr/share/man/man1/run.1.gz It seems if you have this fedora package installed, you will fire the warning in chkrootkit. - -Andy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/vkKEjKeDCxMJCTIRAv4yAJ43FK8BRI2ja+yY7rG4MmcPiokLCQCdHJjz HYZGCRPcgud9EsyhrLMVmTw= =6zD+ -----END PGP SIGNATURE-----
