The combination of rkhunter and the latest stable Linux kernel has been giving me problems the last few days. Considering that I couldn’t find anything about this on the Internet, I guess it must be something special about my box. rkhunter makes my server hang when it gets to the part where it checks for hidden processes if I use the 2.6.26-3 kernel. If I use the same .config and make myself a 2.6.25-16 (the latest stable 2.6.25) rkhunter runs without problems.
While it is nice that I found the problem, it was a pain narrowing down the culprit. The last few days I had noticed that my server was dead in the water every morning and had at first suspected vmware, since I had installed that a few days ago on the server (and had to make a new kernel to get it running). Well, everything is fine now. Next time I have to update my kernel, I’ll remember to do a test run of /etc/cron.daily
I swear I must be stupid. I compiled a new kernel yesterday (2.6.26-6 to add some grsec stuff), and what happend last night? Boom, crash. I really should either fix the problem or stay below 2.6.26.
So don’t be susprised if my server goes down unexpedtedly the now and then in the next few days. It’s probably me testing stuff and killing the kernel.