HPE Community
Operating System - HP-UX
1752666 Members
5773 Online
108788 Solutions
New Discussion юеВ

Using swverify to obtain file attribute "cksum" from IPD

 
SOLVED
Go to solution
Patrick Wirth
Frequent Advisor

тАО12-08-2008 09:06 AM

тАО12-08-2008 09:06 AM

Using swverify to obtain file attribute "cksum" from IPD


I would like to take a list of files found in /etc/rc.config.d and obtain the checksum that is stored in the INFO files of the IPD (installed product database).

I would like to use swlist or swverify on a list of files so that I know which ones have been modified since they were installed or patched.

Although this seems easy, I have encountered a script which does permission checks of files and also uses the IPD. This non-trivial script, hp_checkperms by James G. McIntyre, manually parses INFO files and greps the permissions.

http://www.cisecurity.org/tools2/hpux/hp_checkperms

Any suggestions besides modifying the above script to do "cksum" verification?

Thanks.


0 Kudos
7 REPLIES 7
Steven E. Protter
Exalted Contributor

тАО12-08-2008 10:29 AM

тАО12-08-2008 10:29 AM

Re: Using swverify to obtain file attribute "cksum" from IPD

Shalom,

swverify does not do that.

Check sum can be verified using a separate add in utility that does not ship with the OS.

Search for check sum at http://software.hp.com

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
James R. Ferguson
Acclaimed Contributor

тАО12-08-2008 12:12 PM

тАО12-08-2008 12:12 PM

Solution

Re: Using swverify to obtain file attribute "cksum" from IPD

Hi:

Running 'swverify' will most certainly verify the checksums of files recorded in the IPD. In fact, by default, the modification timestamp, size and checksum attributes are verified.

Providing a list of files, as you asked, really means providing a list of *products* that can be matched to '/var/adm/sw/products/*/INFO' files and then these files parsed.

Since you asked specifically about the '/etc/rc.config.d' directory, you could simply do:

# diff /usr/newconfig/etc/rc.config.d /etc/rc.config.d

This will show you what, if any changes, you have made.

Regards!

...JRF...
0 Kudos
Patrick Wirth
Frequent Advisor

тАО12-08-2008 12:34 PM

тАО12-08-2008 12:34 PM

Re: Using swverify to obtain file attribute "cksum" from IPD

Hello,

Ok, I assumed the checksum could be obtained as easily for swverify as swlist since it uses the same ipd.

Please use swlist instead of swverify for my original question.

for example, I can get some checksums of a particular product with the following

swlist -a cksum -l file OVSNMPAgent | grep /etc/rc.config.d

But it does not seem like I can directly get to the stored checksum in the IPD for an individual file.

for example, this command doesnt work but it is the functionality that I'm looking for...
swlist -a cksum /etc/rc.config.d/SnmpMaster


P.
0 Kudos
James R. Ferguson
Acclaimed Contributor

тАО12-08-2008 03:10 PM

тАО12-08-2008 03:10 PM

Re: Using swverify to obtain file attribute "cksum" from IPD

Hi (again) Patrick:

Using 'swverify' *will* verify checksums and will report any descrepencies. However, it isn't gonng to be of much use for files in '/etc/rc.config.d' because it is *expected* that these will be user-modified.

This is why I suggested the use of 'diff' between '/usr/newconfig/etc/rc.config.d' and '/etc/rc.config.d'.

> for example, this command doesnt work but it is the functionality that I'm looking for...
swlist -a cksum /etc/rc.config.d/SnmpMaster

Too, as I said in my original post, you need to specify a product not a file. You can do something like:

# swlist -v -l file|grep SnmpMaster

...which then points you to do (and look at):

# swlist -v -l file OVSNMPAgent.Master

...the '-v' will divulge all you want to know.

Regards!

...JRF...
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО12-08-2008 06:24 PM

тАО12-08-2008 06:24 PM

Re: Using swverify to obtain file attribute "cksum" from IPD

>I assumed the checksum could be obtained as easily for swverify as swlist since it uses the same IPD.

Sure it's easy but time consuming. About 40 seconds on my small system.

As mentioned by JRF, you can get the cksum values from "swlist -l file -a cksum". Also swverify will also check them.

The trouble is that swlist and swverify have a granularity of a fileset, not a file.

You could just use:
swlist -l file -a cksum -a is_volatile | grep /etc/rc.config.d/

>JRF: it isn't going to be of much use for files in /etc/rc.config.d because it is *expected* that these will be user-modified.

That's correct. The ones with is_volatile don't record the checksum. But the above grep will find the ones in /etc/rc.config.d/ AND the ones in .../newconfig/etc/rc.config.d/. Note not all are in /usr/newconfig/.
0 Kudos
Patrick Wirth
Frequent Advisor

тАО12-09-2008 08:10 AM

тАО12-09-2008 08:10 AM

Re: Using swverify to obtain file attribute "cksum" from IPD

Thankyou for the responses.

For my needs, it looks like the local backup copies of the files with a diff will help me the best.

It happens to be similar to what I was beginning to implement. To establish a baseline, I was comparing the files on multiple hosts that have all been built the same way. 'Normal' customizations will show up as different on all the hosts. Normal baselines will be idential on all the hosts.

P.
0 Kudos
Patrick Wirth
Frequent Advisor

тАО12-09-2008 08:11 AM

тАО12-09-2008 08:11 AM

Re: Using swverify to obtain file attribute "cksum" from IPD

Closing thread.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.