Questions[rootkit](ubuntu)

I want to use debsumsto check integrity of all my packages with

sudo dpkg -l | awk {'print $2'} | xargs | debsums |grep -v OK

But I get those errors:

debsums: can't open fwupd file /var/lib/polkit-1/localauthority/10-vendor.d/fwupd.pkla (Permission denied)
debsums: can't open geoclue-2.0 file /var/lib/polkit-1/localauthority/10-vendor.d/geoclue-2.0.pkla (Permission denied)
debsums: can't open gnome-initial-setup file /var/lib/polkit-1/localauthority/10-vendor.d/gnome-initial-setup.pkla (Permission denied)
debsums: can't open linux-image-5.0.0-31-generic file /boot/vmlinuz-5.0.0-31-generic (Permission denied)
debsums: can't open linux-image-5.0.0-32-generic file /boot/vmlinuz-5.0.0-32-generic (Permission denied)
debsums: can't open linux-modules-5.0.0-31-generic file /boot/System.map-5.0.0-31-generic (Permission denied)
debsums: can't open linux-modules-5.0.0-32-generic file /boot/System.map-5.0.0-32-generic (Permission denied)
debsums: can't open network-manager file /var/lib/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla (Permission denied)
debsums: can't open packagekit file /var/lib/polkit-1/localauthority/10-vendor.d/org.freedesktop.packagekit.pkla (Permission denied)
debsums: can't open policykit-desktop-privileges file /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla (Permission denied)
debsums: can't open systemd file /var/lib/polkit-1/localauthority/10-vendor.d/systemd-networkd.pkla (Permission denied)

How do I prevent those errors? And why can't even root read those files?

Finally, I would like to create some minimal rootkit detection system that sends out an E-Mail if there is any output

When I do an rkhunter --check it shows me that I have possible rootkits:

/usr/bin/rkhunter: 14795: [: /usr/lib/firefox/firefox: unexpected operator
/usr/bin/rkhunter: 14795: [: /usr/lib/firefox/firefox: unexpected operator
/usr/bin/rkhunter: 14795: [: /usr/bin/konsole: unexpected operator
    Checking for suspicious (large) shared memory segments   [ Warning ]

/var/log/rkhunter.log show me this:

Warning: The following suspicious (large) shared memory segments have been found:
[21:17:06]          Process: /usr/lib/firefox/firefox (deleted)    PID: 9750    Owner: louie    Size: 4,0MB (configured size allowed: 1,0MB)
[21:17:07]          Process: /usr/lib/firefox/firefox (deleted)    PID: 9750    Owner: louie    Size: 4,0MB (configured size allowed: 1,0MB)
[21:17:07]          Process: /usr/bin/konsole (deleted)    PID: 11415    Owner: louie    Size: 1,7MB (configured size allowed: 1,0MB)

The alternative chkrootkit only shows me an infection: "tcpd" which I have read in several places is a false positive.

Can rkhunter also show false positives?

I made a chrootkit scan.And it found something,it doesnt say any recommendations on the detection of the files or directories. Any suggestions?

results are:

The following suspicious files and directories were found:  

/usr/lib/debug/.build-id 
/lib/modules/4.4.0-93-generic/vdso/.build-id 
/lib/modules/4.4.0-92-generic/vdso/.build-id 
/lib/modules/4.4.0-91-generic/vdso/.build-id

Today I did a scan of my machine with rkhunter:

sudo rkhunter --checkall

And these were the warnings that I got:

Checking for passwd file changes                         [ Warning ]
Checking for group file changes                          [ Warning ]

Is this anything to worry about? And if it is then how should I proceed?

OS Information:

Description:    Ubuntu 14.10
Release:    14.10

and what schedule/sysadmin routine is recommended?