verify installed files
Max Waterman
davidmaxwaterman+smart at fastmail.co.uk
Sun Nov 11 22:19:08 PST 2007
Jeff Johnson wrote:
>
> On Nov 11, 2007, at 11:54 PM, Max Waterman wrote:
>
>> Hi,
>>
>> I am trying to use rkhunter, which checks for root kits, and part of
>> it's functionality requires the constructions of a table of hashes
>> for each file on the system.
>>
>> However, before that is done, it is necessary to verify that the
>> files are the same as the originals.
>>
>> Apparently, this can be done with a package manager, but I don't see
>> such an option with smart. Could someone enlighten me?
>>
>
> If on a rpm managed system, one can verify installed file contents
> using md5 hashes
> carried in packages by doing
> rpm -Va
>
> The md5 hashes, if located in digitally signed package headers, are
> quite trustworthy.
>
> If the headers are not signed, then the other alternative is to get a
> readonly
> copy of the installed packages, and then (for each package) do
> rpm -Vp somepkg*.rpm
> which is equally trustworthy.
>
> 73 de Jeff
Ok. Thanks for the reply.
Is there no way of doing this with smart? I have used smart to install
*all* (apart from smart itself) packages - is it still ok to use rpm
when they weren't installed using rpm? (I'm not even sure I have rpm
installed...).
Thanks.
Max.
More information about the Smart
mailing list