My question is very simple and I'm very surprised to see that this question haven't be asked before.
How to add a file or a directory to rkhunter checking ? With that I could see my directory appears in the 'rkhunter –propupd' command
I know I can modify the .dat file but if I do that , I'd rather do a script myself to check for md5sum/sha1sum for my specific directory
Hope that someone could help me ! Have a good day 🙂
Best Answer
EDIT: Maybe I confused you (of course I did, I wrote or instead of and...)
Here's a step by step:
add config in
rkhunter.conf
:run
rkhunter --propupd
run
rkhunter --check [--sk]
(if you want to, should return no errors or warnings)edit the file
/var/local/test/test.bla
run
rkhunter --check [--sk]
my output:
You can also use
/var/local/test/*
as wildcard for all files in that directory.It's a command line argument for
--propupd
:From the man page (emphasis mine)
OrAnd, of course, change it inrkhunter.conf
:This should add it to the rkhunter db.