KUSANAGI version upgrade details 8.0.2-1
The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.
# yum update
KUSANAGI 8.0.2-1 Bug Fixes
1. Error detection in rootkit check tool
Detected some issues with using chkrootkit,rkhunter tools,
RH-Sharpe’s Rootkit which located in /usr/bin/wp including kusanagi-wp-cli have been detected
As a result, it’s determine as error detection from the following.
「RH-Sharpe’s Rootkit」will check only whether the designated file exists, but does not check the contents.
- The RPM which created by us is same as checksum which placed in /usr/bin/wp
- Virus is not detected when checking /usr/bin/wp included kusanagi wp-cli with Virus Check tool
This erroneous detection will occur in the future if we continue with using “RH – Sharpe’s Rootkit” old rootkit, it’s difficult to notify multiple rootkit detection tool developers , as solution we changed the path to /usr/local/bin/wp.
After this update , it’s confirmed that rootkit is not detected withchkrootkiteitherrkhunter.
Please notice the following after update done
- When using the wp command as the root user, change alias of the wp command which set with .bashrc and use /usr/local/bin/wp.
After executing yum update, please login again to make sure the alias of the new wp command is valid.
- Make sure to include /usr/local/bin when using wp commands as kusanagi user.