Remove [1;33m from rkhunter output

webfeatus · Unread post by **webfeatus** » Mon Oct 25, 2010 5:41 pm

[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter version... [0;39m
This version : 1.3.6
Latest version: 1.3.6
[ Rootkit Hunter version 1.3.6 ]

[1;33mChecking rkhunter data files... [0;39m
Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
Checking file i18n/de [38C[ [1;32mNo update [0;39m ]
Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]

Anyone know how to remove the weird characters?

This is my cron script:

Code: Select all

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /bin/mail -s 'rkhunter Daily Run on server' my@email.com

Unread post by **mikeshinn** » Mon Oct 25, 2010 6:17 pm

Those are ANSI color codes. You need to use the --nocolors option.

webfeatus · Unread post by **webfeatus** » Mon Oct 25, 2010 6:32 pm

Yes, I tried that once before, without success.
This time I have placed it on a separate line.

Code: Select all

#!/bin/sh
(
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
/usr/local/bin/rkhunter --nocolors
) | /bin/mail -s 'rkhunter Daily Run on server' email@me.com

(lazily) I will let the cron run tomorrow...

Unread post by **scott** » Mon Oct 25, 2010 6:35 pm

Also this -> /usr/local/bin/rkhunter is not our rkhunter. So your problems might be related to that.

webfeatus · Unread post by **webfeatus** » Mon Oct 25, 2010 6:37 pm

scott wrote:Also this -> /usr/local/bin/rkhunter is not our rkhunter. So your problems might be related to that.

Yes, it is a standalone version on the host server.
ASL & your rkhunter are on the virtual.

Unread post by **mikeshinn** » Mon Oct 25, 2010 7:18 pm

You need to call "--nocolors" each time you invoke rkhunter when you want it to not generate ANSI colors.

/usr/local/bin/rkhunter --versioncheck --nocolors
/usr/local/bin/rkhunter --update --nocolors
/usr/local/bin/rkhunter --cronjob --report-warnings-only --nocolors

You also dont need to call rkhunter each time, you can stack those options if you like:

rkhunter --versioncheck --update --cronjob --report-warnings-only --nocolors

breun · Unread post by **breun** » Tue Oct 26, 2010 5:47 pm

From rkhunter --help:

--cronjob Run as a cron job
(implies -c, --sk and --nocolors options)

So, when using --cronjob you don't even need to specify --nocolors.

(I see ART's rkhunter also uses both --cronjob and --nocolor in /etc/cron.daily/rkhunter, but yeah, it still works, so it doesn't matter much.)

webfeatus · Unread post by **webfeatus** » Tue Oct 26, 2010 7:48 pm

I found that this separates the output nicely.

Code: Select all

/usr/local/bin/rkhunter --versioncheck --nocolors
/usr/local/bin/rkhunter --update --nocolors
/usr/local/bin/rkhunter --cronjob --report-warnings-only --nocolors

Other options work but do not separate the output like the above option.

Atomicorp

Remove [1;33m from rkhunter output

Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output

Re: Remove [1;33m from rkhunter output