SUMMARY: Building chkrootkit on Tru64 v4.0F

From: Chris Los <clos_at_trentu.ca>
Date: Thu, 27 Mar 2003 17:22:06 -0500

Only got one reply on this. Here it is:
 
 
From: Charles Ballowe <hangman_at_steelballs.org>
Subject: Re: Building chkrootkit on Tru64 v4.0F
 
i'm not sure chkrootkit does much good on tru64. I recently ran it
on a set of Tru64 5.1A systems and it reported /bin/ls as possibly
corrupted on every one of the systems. I don't think that there really
are any tru64 rootkits out there - at least none that I know of off hand.
 
You might want to try with gcc rather than Digital's C compiler. Most
opensource developers work with gcc which tends to support things that
vendor compilers don't necessarily cover.
 
-charlie

 
 
Original Question:
 
 
Would like to know if any one has had success installing "chkrootkit" (www.chkrootkit.org). I'm getting several compile errors when i try to build it.

Here they are:


cc: Warning: chklastlog.c, line 71: The redefinition of the macro "TRUE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef)
#define TRUE 1L
-------------^
cc: Warning: chklastlog.c, line 72: The redefinition of the macro "FALSE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef)
#define FALSE 0L
--------------^
cc: Error: chklastlog.c, line 98: In this declaration, "lastlog_ent" has no linkage and is of an incomplete type. (incompnolink)
        struct lastlog lastlog_ent;
------------------------^
cc: Error: chklastlog.c, line 173: In this statement, "struct lastlog" is an incomplete type, and so has no size. (sizeincomptyp)
                    lseek(fh_lastlog, (long)*uid * sizeof (struct lastlog), 0);
---------------------------------------------------^
cc: Error: chklastlog.c, line 174: In this statement, "struct lastlog" is an incomplete type, and so has no size. (sizeincomptyp)
                    if ((wtmp_bytes_read = read(fh_lastlog, &lastlog_ent, sizeof (struct lastlog))) > 0)
--------------------------------------------------------------------------^
cc: Error: chklastlog.c, line 176: In this statement, "struct lastlog" is an incomplete type, and so has no size. (sizeincomptyp)
                        if (wtmp_bytes_read < sizeof(struct lastlog))
----------------------------------------------^
*** Exit 1
Stop.


Any suggestion ?????

Chris Los
Trent University
Received on Thu Mar 27 2003 - 22:23:21 NZST