Joined: 12 Jan 2013
|Posted: Tue Jan 22, 2013 8:12 pm Post subject: /var/run/utmp - strange entries.
|Hi, today I launched chkrootkit to check some things. Everything seems to be fine, but I'm wonder on this:
|in /var/run/utmp !
! RUID PID TTY CMD
! kleenex 3816 pts/0 bash
! kleenex 5146 pts/0 sudo chkrootkit
! root 5147 pts/0 /bin/sh /usr/sbin/chkrootkit
! root 5782 pts/0 ./chkutmp
! root 5784 pts/0 ps axk tty,ruser,args -o tty,pid,ruser,args
! root 5783 pts/0 sh -c ps axk "tty,ruser,args" -o "tty,pid,ruser,args"
Is it normal? Whether it is a record of what actions were taken by chkrootkit? (./chktump etc.) Or it is something else?