I have been reading many articles but am unable to locate info. on my particular situation. Any help or guidance would be appreciated!
Just installed FC7 and am in the learning mode. So while I know not to login as root, I do so anyway to understand the system. I installed chkrootkit and ran it a few times (logging in as root, and logging in via 'su root'). In all cases, everything passes the test except for the following two msgs:
1. Checking `z2'... user root deleted or never logged from lastlog!
2. Checking `chkutmp'... The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 10329 tty7 /usr/bin/Xorg :0 -br -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7
In #1, I run lastlog and find that for all UIDs, lastlog reports "Never logged in". I see that /var/log/lastlog was updated around the time I installed the system. I suspect I may need to manually rotate logs, but that is a guess on my part.
In #2, I am not sure how to interpret the msg. when I run 'w', I simply get my user login session.