I have this error, for a while (my attempts to research and fix have been futile):

I've done:
especally after a
I have modified the rkhunter.conf, I guess I should have just put my entries into rkhunter.conf.local, I've started doing so.

How do I tell rkhunter, I've done the mal-action, it's not nefarious, please let's reset and sally forth.

-doug

If this is something that you have done the easiest way seems to be reinstallation. Dowload the latest rkhunter (so you will have the latest virus definations) uninstall the one you have and then install the newest one.
Hope this helps.

1 members found this post helpful.

Linux software rarely requires re-installation.

Due to using the package manager for verification in this case it would be easier to first ensure all local modifications are in /etc/rkhunter.conf.local, then D/L the RPM and extract rkhunter.conf and replace /etc/rkhunter.conf with the pristine one. Just to make sure also check the package with '-q --scripts' for any %post install modifications that would skew hashes.

1 members found this post helpful.

Thank you, unspawn, you are correct,
But who knows what else I've done incorrectly as I've been "learning by doing" with rkhunter, so I printed out my .conf files and will follow honeybadger
Knowing what I now know, I'll just do it again, paying closer attention, using my efforts thus far for reference.

I actually do a little business supporting Linux for those even less competent than myself (Is that even possible? ) so it'll do me good to go through the process again, so I can understand the mistakes previously made.

thanks to all.