How to upgrade rkhunter

When running the command:

sudo rkhunter --versioncheck

I get the following output:

[ Rootkit Hunter version 1.4.0 ]

Checking rkhunter version...
  This version  : 1.4.0
  Latest version: 1.4.2
  Update available

But there does not seem to be an option anywhere to upgrade rkhunter from version 1.4.0 to version 1.4.2, and when running the commands:

sudo apt-get update && sudo apt-get dist-upgrade

There are no upgrades available for rkhunter, so is there some special command to upgrade it to the latest version, or is it just that I need to wait until the new version is available on the Ubuntu repositories?

I have also tried running:

sudo rkhunter --update

And I get:

[ Rootkit Hunter version 1.4.0 ]

Checking rkhunter data files...
  Checking file mirrors.dat                                  [ No update ]
  Checking file programs_bad.dat                             [ No update ]
  Checking file backdoorports.dat                            [ No update ]
  Checking file suspscan.dat                                 [ No update ]
  Checking file i18n/cn                                      [ No update ]
  Checking file i18n/de                                      [ No update ]
  Checking file i18n/en                                      [ No update ]
  Checking file i18n/tr                                      [ No update ]
  Checking file i18n/tr.utf8                                 [ No update ]
  Checking file i18n/zh                                      [ No update ]
  Checking file i18n/zh.utf8                                 [ No update ]

So I assume that this is just the hash database etc and does not upgrade the actualy program version.

I am running Ubuntu 14.10

Asked By: user364819

  • The --update command only updates the files for the current version but does not upgrade to a newer version.

  • If you want the latest rkhunter…

    • Download the tar.gz file from the sourceforge project page. Latest download is 1.4.2.
    • Go to your ~/Downloads directory (or if you downloaded someone else to that directory) and extract the tar.gz file, cd into the newly created directory and install it.

    • In commands after you downloaded it …

      cd ~/Downloads
      tar xvfz rkhunter-{tab}
      cd rkhunter-{tab}
      sudo ./ --install

      (It will automatically fill out the version number when you press tab.)

After this you can check the version and update the resource file with:

sudo rkhunter --versioncheck
sudo rkhunter --update --propupd
sudo rkhunter --checkall

Regarding the error: see rkhunter.conf and comment out the SCRIPTWHITELIST=/usr/sbin/prelink or install prelink (Universe needs to be enabled) with

sudo apt-get install prelink

It is disabled at install and the config file /etc/default/prelink needs to be changed to enabled it (PRELINKING=yes) but that is not needed to prevent the error.

Answered By: Rinzwind

I used this answer to upgrade from 1.4.0 to 1.4.6 – When I tried to run the rkhunter –check some errors were printed on screen and so I commented out lines in the /etc/rkhunter.conf file to get around the errors and then it ran fine. There was only two lines that I needed to comment out.

Answered By: Dale Carter

upgraded rkhunter with the instructions here.

rkhunter -C gave the error

Invalid SCRIPTWHITELIST configuration option: Non-existent pathname: /usr/bin/GET

Edited vi /etc/rkhunter.conf and commented the line that had the above config.

Answered By: Rajagopal
