The path element: /var/log
in the filename: /var/log/samhain_log
is group writeable (GID = 0), and at least one of the group
members (UID = 5) is not in the list of trusted users.
To fix the problem, you can:
- run ./configure again with the option --with-trusted=0,...,UID
where UID is the UID of the untrusted user, or
- use the option TrustedUser=UID in the configuration file.
Nothing special about this. You have to modify the configuration file to exclude these lines. RHEL5 does not use most of these filenames by default.
Only one used is: /var/log/*.[0-9]
But your system needs to run for at least a week to rotate the logfiles.
![ESX4升级5故障处理:LINT1 motherboard interrupt. This is a hardware problem[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)