extra/chkrootkit/kallsyms.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

--- a/chkrootkit
+++ b/chkrootkit
@@ -308,7 +316,7 @@ lkm ()
       fi
 
       if [ "${EXPERT}" = "t" ]; then
-         [ -r /proc/ksyms ] &&  ${egrep} -i "adore|sebek" < /proc/ksyms 2>/dev/null
+         [ -r /proc/kallsyms ] &&  ${egrep} -i "adore|sebek" < /proc/kallsyms 2>/dev/null
          [ -d /proc/knark ] &&  ${ls} -la /proc/knark 2> /dev/null
          PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |${awk} -F . '{ print $1 "." $2 $3 }' | ${awk} '{ if ($0 > 3.19) print 3; else if ($0 < 2.015) print 1; else print 2 }'`
          [ "$PV" = "" ] &&  PV=2
@@ -318,14 +326,14 @@ lkm ()
       fi
 
       ### adore LKM
-      [ -r /proc/ksyms ] && \
-      if `${egrep} -i adore < /proc/ksyms >/dev/null 2>&1`; then
+      [ -r /proc/kallsyms ] && \
+      if `${egrep} -i adore < /proc/kallsyms >/dev/null 2>&1`; then
          echo "Warning: Adore LKM installed"
       fi
 
       ### sebek LKM (Adore based)
-      [ -r /proc/ksyms ] && \
-      if `${egrep} -i sebek < /proc/ksyms >/dev/null 2>&1`; then
+      [ -r /proc/kallsyms ] && \
+      if `${egrep} -i sebek < /proc/kallsyms >/dev/null 2>&1`; then
          echo "Warning: Sebek LKM installed"
       fi