1:37 PMMeaning of rpm --verify output
RedHat Package Manager (all well known rpm) can check integrity of installed components. It can indicate if there were any of installed files modified, or did somebody change a permission?
To run a basic and comprehensive install integrity check, you simply execute (preferably as root):
rpm -V rpm_name_to_checkor
rpm --verify rpm_name_to_check
If there are no issues, you'll get empty output and return code 0. That is:
$ rpm -V libusb $ echo $? 0
For a modified deployed file you may see something like this:
$ rpm -V httpd ..?...... /usr/sbin/suexec .....UG.. /var/www .....UG.. /var/www/cgi-bin .M...UG.. /var/www/html
In the case of a modified install the return code will be 1:
$ echo $? 1
httpd install test above translates as:/var/www, /var/www/cgi-bin got their User ownership and Group memberships modified. And /var/www/html got Mode (chmod) changed in addition to the User and the Group.
The question mark in rpm -V output means a certain test could not have been performed. In our example above "..?...... /usr/sbin/suexec" means md5 sum can't be calculated for /usr/sbin/suexec.
That is often because rpm can not access a file being verified under current user account. To avoid "can't verify" question mark in the rpm -V output, just execute rpm as root:
$ sudo rpm -V httpd .....UG.. /var/www .....UG.. /var/www/cgi-bin .M...UG.. /var/www/html
See that "..?...... /usr/sbin/suexec" gone? :-)
By default rpm performs a bunch of tests, each denoted by dot in the case of rpm metadata and installed item match, or "what's wrong" attribute otherwise:
The output can also have an attribute marker:
c %config configuration file. d %doc documentation file. g %ghost file (i.e. the file contents are not included in the package payload). l %license license file. r %readme readme file.That is it from me, read man rpm for more info.
|Total comments: 0|