How to Install Chkrootkit on Fedora 40 or 39 Linux

Chkrootkit is a powerful tool for checking for signs of rootkits on Unix-based systems. Rootkits are malicious software designed to gain unauthorized access and hide their presence on a system. Chkrootkit scans the system for known rootkits, worms, and LKMs (Loadable Kernel Modules), helping you maintain the security and integrity of your system. It is a valuable tool for system administrators and security professionals who must ensure their systems are free from hidden threats.

To install Chkrootkit on Fedora 40 or 39, you can use the Fedora default repository, which is recommended for most users due to its simplicity and stability, or download the source archive for the latest build. This guide will walk you through both installation methods.

Method 1: Install Chkrootkit Using DNF

Update Package Lists Before Chkrootkit Installation

Before initiating the installation of Chkrootkit on Fedora Linux, it’s crucial to update the system’s package lists. This action ensures your system knows all available packages and their latest versions.

To update your Fedora system, execute the following command in the terminal:

sudo dnf upgrade --refresh

This command updates the package database and upgrades installed packages to their most recent versions. This step is vital for maintaining system integrity and security.

Install Chkrootkit Using DNF Command

After updating the system, you can install Chkrootkit using Fedora’s package manager, DNF. DNF is a robust and efficient tool for software management in Fedora that simplifies the installation process.

Run this command to install Chkrootkit:

sudo dnf install chkrootkit

Verify the Chkrootkit Installation

After installation, verify that Chkrootkit is properly installed on your Fedora system so you know the tool is operational before relying on it.

To verify Chkrootkit’s installation, execute its version check command:

chkrootkit -V

This command displays the installed version of Chkrootkit, confirming the successful installation and readiness of the tool for system security checks.

Method 2: Install Chkrootkit via Source Archive

Download Chkrootkit Source Code

Begin by downloading the Chkrootkit source code directly from the official site. This step ensures access to the latest version. Open a terminal and navigate to the desired download directory.

Execute the following command to start the download:

wget ftp://chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz

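This command retrieves the Chkrootkit source code archive into the current directory. FTP provides no encryption or integrity protection, so compare the archive's checksum against the one published on the official Chkrootkit site before you build it.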

Extract Chkrootkit Source Archive

Now, extract the downloaded source code. This extraction is vital for accessing the files needed for the next steps. Use this command to extract the source code:

tar -xvzf chkrootkit.tar.gz

Compile and Install Chkrootkit

Ensure your Fedora system has essential packages like the GNU Compiler Collection (GCC) and make utility. Verify or install these packages with the command:

sudo dnf install gcc make glibc-static
sudo dnf groupinstall "Development Tools"

Navigate to the Chkrootkit source directory, then compile Chkrootkit using:

cd chkrootkit-{your-version-number}
make sense

This command compiles the Chkrootkit source code, creating an executable file.

Verify Chkrootkit Installation

Confirm Chkrootkit’s successful installation by checking its version. Run:

./chkrootkit -V

Setting Up Chkrootkit for Global Accessibility

Organize Chkrootkit on your Fedora system for global use, adhering to Linux file system structures.

Positioning Chkrootkit in a Standard Directory

Move the Chkrootkit directory to a standard location for better organization and accessibility. Commands for locally installed software like this typically reside in /usr/local/bin, while their supporting files are kept elsewhere. First, move Chkrootkit to /usr/local/share:

Ensure you’re in the parent directory of Chkrootkit. Execute this command to move the directory:

sudo mv chkrootkit-{your-version-number} /usr/local/share/chkrootkit

This command moves Chkrootkit to /usr/local/share, a common location for shared data.

Creating a Symbolic Link for Easy Access on Fedora

Create a symbolic link in /usr/local/bin for easy Chkrootkit access. This link acts as a shortcut, allowing you to run Chkrootkit from any location in the terminal.

Execute the following to create the symbolic link:

sudo ln -s /usr/local/share/chkrootkit/chkrootkit /usr/local/bin/chkrootkit

Verifying Chkrootkit’s Accessibility on Fedora

Test Chkrootkit’s global accessibility. Run the version check command:

chkrootkit -V

A version output confirms Chkrootkit’s successful setup.

Basic Commands with Chkrootkit

Run a Scan for Rootkits with Chkrootkit

After installing Chkrootkit on your Fedora system, initiate a rootkit scan. Open your terminal and enter the following command:

sudo chkrootkit

This command runs the full set of tests and prints a result for each one. Investigate any INFECTED result before acting on it, because Chkrootkit can report false positives.

For a more streamlined output highlighting only possible threats, opt for the quiet mode:

sudo chkrootkit -q

Configure Automatic Scanning with Chkrootkit

Create a Bash Script for Scanning:

First, you’ll need to create a script that runs Chkrootkit. Open a text editor and write the following script:

#!/bin/bash
# Run Chkrootkit and save its output, including error messages, to the log file
/path/to/chkrootkit > /var/log/chkrootkit.log 2>&1

Replace /path/to/chkrootkit with the actual path to your Chkrootkit executable. Save this script in a suitable location, such as /usr/local/bin/chkrootkit_scan.sh.

Make the Script Executable

sudo chmod +x /usr/local/bin/chkrootkit_scan.sh

Save your changes (CTRL+O) and exit (CTRL+X).

Create a Cron Job for Daily Scans:

Cron jobs are used to schedule tasks at regular intervals. Use the crontab command to edit the cron jobs:

sudo crontab -e

Add the following line to schedule the script to run daily (you can adjust the time as needed):

0 2 * * * /usr/local/bin/chkrootkit_scan.sh

This schedules the scan to run every day at 2:00 AM. The output will be saved in /var/log/chkrootkit.log.

Check if the Cron Service is Running:

sudo systemctl status crond.service

If it’s not running, start it with:

sudo systemctl enable crond.service --now

Testing the Script:

To ensure that everything is set up correctly, run the script manually. It needs root privileges because it writes to /var/log:

sudo /usr/local/bin/chkrootkit_scan.sh

Then check the log file:

cat /var/log/chkrootkit.log
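
A log that is only read by hand tends to go unread, so the following added example (not part of the original guide or of Chkrootkit itself) summarizes a scan log and returns a non-zero status when any test reports INFECTED or "Vulnerable but disabled". The function names and the sample log lines are constructed for illustration; in practice, point chkrootkit_triage at /var/log/chkrootkit.log.

```shell
#!/bin/bash
# Added example, not part of the original guide: triage a chkrootkit scan log.
# Assumes the log holds chkrootkit's normal (non -q) output, one result per line.

# Write a constructed sample log (not real scan output) to the given path.
write_sample_log() {
    cat > "$1" <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... not infected
Checking `inetd'... not tested
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `sniffer'... eth0: not promisc and no PF_PACKET sockets
Searching for suspicious files and dirs, it may take a while... nothing found
EOF
}

# Print the result lines that need review. The match is case-sensitive, so
# the benign "not infected" status is never reported.
chkrootkit_findings() {
    grep -E 'INFECTED|Vulnerable but disabled' "$1" || true
}

# Echo "<tests> <findings>". Return 0 for a clean log, 1 when findings exist,
# 2 when the log is missing or empty (a scan that did not run needs attention too).
chkrootkit_triage() {
    local log="$1" tests findings
    [ -s "$log" ] || { echo "0 0"; return 2; }
    tests=$(grep -c -E '^(Checking|Searching)' "$log" || true)
    findings=$(chkrootkit_findings "$log" | grep -c . || true)
    echo "$tests $findings"
    [ "$findings" -eq 0 ]
}

# Demo on the constructed sample; use the real log path in practice.
demo_log=$(mktemp)
write_sample_log "$demo_log"
if summary=$(chkrootkit_triage "$demo_log"); then
    echo "clean: $summary"
else
    echo "review needed: $summary"
    chkrootkit_findings "$demo_log"
fi
rm -f "$demo_log"
```

Called from the cron script after the scan, the return status can decide whether to send a notification, and status 2 catches the case where the scan silently stopped producing output.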

Explore Chkrootkit Commands and Documentation

To familiarize yourself with Chkrootkit’s functionalities, access its Help menu:

chkrootkit -h

Alternatively, delve into the manual pages for comprehensive information:

man chkrootkit

Conclusion

With Chkrootkit successfully installed on your Fedora system, you can regularly scan for rootkits and other hidden threats to maintain system security. Using the Fedora default repository is recommended for most users for ease of use, while downloading the latest build from the source archive provides the most up-to-date features. Regularly update Chkrootkit and perform scans to ensure your system remains secure and protected from unauthorized access.
