Re: security/rkhunter without hashes after recent STABLE-13 update

On Wed, Jul 7, 2021 at 9:26 AM Michael Grimm <trashcan@ellael.org> wrote:

> Warner Losh <imp@bsdimp.com> wrote:
> >
> > On Wed, Jul 7, 2021 at 6:19 AM Michael Grimm via freebsd-stable <
> freebsd-stable@freebsd.org> wrote:
>
> >> Can someone point me into the right direction, how to find out if the
> >> output of /sbin/sha256sum changes between stable/13-n246147 and
> >> stable/13-n246157?
> >
> > This is likely an incompletely merged set of changes to md5, et al. I
> > recently added the 'sum' variations, but
> > did so from an incomplete description so I got the output format wrong
> in a
> > couple of cases. se@ went in and
> > fixed that, and added a lot of compat tests to make sure they weren't
> > further regressions.
> >
> > b33d1898c1b0 is the latest fix, from Jun 29th in -current and merged to
> > stable/13 Jul 6th. It's at n246188 so a little too late unless you have a
> > slight kernel mismatch with your userland/jail. I didn' tsee any changes
> > between n246147 or n146157 that would do this, though. What's the hash
> that
> > you have at n246157? I think it should be fd5b08977630.
>
> No, it's stable/13-n246157-fd5b0897763
>
> I will give a n246188+ user land a try, and ...
>

Great. Please do let me know... I started this for compatibility so I
didn't have
to keep hacking simple scripts for FreeBSD and if something is screwed up
that means it's falling short of the goal...


> > So the change is expected, but if the change to all the *sum programs is
> > incompatible still, I know I'd like to know (as I'm sure se@ would as
> > well). All the *sum programs are very new and designed to be 100%
> > compatible with the linux versions and if they aren't that needs to be
> > fixed.
>
> … I will report back.


Excellent! Sorry for any hassle this work is causing.

Warner