
RPM verification and Reading RPM Output

There are several ways to verify packages installed on your system. If you have looked at RPM's query command, you will find that many of these methods are similar to its options. Let us start with the simplest method of specifying packages, namely the package label.

Package Label: Verify an Installed Package Against the RPM Database

You can simply follow the rpm -V command with all or part of a package label. As with every other RPM command that accepts package labels, you will need to carefully specify each part of the label you include. Keep in mind that package names are case-sensitive, so rpm -V PackageName and rpm -V packagename are not the same. Let us verify the initscripts package:
# rpm -V initscripts

While it looks like RPM did not do anything, the following steps were performed:
  1. For every file in the package, RPM checked the nine file attributes that were discussed above.
  2. If the package was built with dependencies, the RPM database was searched to ensure the packages that satisfy those dependencies were installed.
  3. If the package was built with a verification script, that script was executed.
In our example, each of these steps was performed without error and the package verified successfully. Remember, with rpm -V you will only see output if a package fails to verify.

[Figure: rpm -V output in a root shell on localhost]

  1. The S indicates that the file has changed
  2. The 5 indicates that the file size has changed against an MD5 cryptographic checksum for that file
  3. The T indicates that the modification time of the file has changed
  4. The c indicates that the file is a configuration file. Configuration changes are not necessarily suspect, especially if you have made any recent alterations to your system.
  5. /etc/services: This is the file that you are verifying.
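
The following is an added example, not part of the original page: a small parser that decodes each file line of rpm -V output and separates configuration-file edits from other drift. The flag meanings follow the rpm(8) manual page; the triage policy, the verdict names, and all sample paths except /etc/services are assumptions made for illustration.

```python
import re

# Flag letters in `rpm -V` output, as documented in rpm(8).
FLAGS = {"S": "size", "M": "mode", "5": "digest", "D": "device",
         "L": "symlink", "U": "owner", "G": "group", "T": "mtime",
         "P": "capabilities"}
# Optional one-letter marker printed between the flags and the path.
KINDS = {"c": "config", "d": "doc", "g": "ghost", "l": "license", "r": "readme"}
LINE = re.compile(r"^(missing|[SM5DLUGTP.?]{8,9})\s+(?:([cdglr])\s+)?(/.*)$")
# Changes that alter content, permissions or ownership.
SERIOUS = {"digest", "mode", "owner", "group", "capabilities", "missing"}

def parse_line(line):
    """Decode one file line; return None for dependency/script messages."""
    m = LINE.match(line.strip())
    if not m:
        return None
    flags, kind, path = m.groups()
    changed = (["missing"] if flags == "missing"
               else [FLAGS[c] for c in flags if c in FLAGS])
    return {"path": path, "kind": KINDS.get(kind, "file"), "changed": changed}

def triage(entry):
    """Hypothetical policy: config edits are reviewed, other drift escalated."""
    if entry["kind"] == "config":
        return "review-config"
    return "investigate" if SERIOUS & set(entry["changed"]) else "note"

def report(output):
    """Return (verdict, path, changed) for every file line in the output."""
    entries = filter(None, map(parse_line, output.splitlines()))
    return [(triage(e), e["path"], e["changed"]) for e in entries]

# Constructed sample output; only /etc/services comes from the page.
SAMPLE = """\
S.5....T.  c /etc/services
.......T.    /usr/bin/example-tool
..5....T.    /usr/sbin/example-daemon
missing      /usr/share/example/data.txt
Unsatisfied dependencies for example-1.0-1.noarch:
"""

if __name__ == "__main__":
    for verdict, path, changed in report(SAMPLE):
        print(f"{verdict:14} {path}  ({', '.join(changed)})")
```

To use it on a real system, pass the captured text of an rpm -V run to report() in place of SAMPLE.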