RKHunter is a tool for detecting rootkits on Unix-like systems. I run it daily on my Gentoo server, and it emails me a report about whether it updated its database of tests as well as any warnings it comes across while running its tests. Recently, Gentoo marked rkhunter-1.3.4 as stable. After I updated it, it began reporting more false positives than the older 1.2.9 (it used to only report the existence of promiscuous network interfaces, which is caused by my network configuration).
Some were due to programs in /usr/bin being shell scripts instead of binaries, while others were complaining about the fact that I did not have the latest version of GnuPG or OpenSSH (I stick to Gentoo's stable releases, which are currently a minor version behind). Another problem was over Linux kernel modules. I built my kernel with all module support disabled, compiling in everything I want my kernel to have.
Read on to find out how I resolved the various warnings in /var/log/rkhunter.log by editing /etc/rkhunter.conf.
