HPE Community
Operating System - Linux
1827845 Members
1147 Online
109969 Solutions
New Discussion

Verifying Linux with "...rpm -Va..."

 
SOLVED
Go to solution
Michael Steele_2
Honored Contributor

‎12-16-2010 11:15 AM

‎12-16-2010 11:15 AM

Verifying Linux with "...rpm -Va..."

# rpm -Va | more
......G. /usr/local/bin
......G. /usr/local/etc
.......T d /usr/share/info/history.info.gz
.......T d /usr/share/info/readline.info.gz
.......T d /usr/share/info/rluserman.info.gz
.......T d /usr/share/man/man3/history.3.gz
.......T d /usr/share/man/man3/readline.3.gz
S.5....T c /etc/syslog.conf
.......T c /etc/pam.d/authconfig


I'm having trouble finding a clear explanation of the report and looking for assistance.

Also, a working script with coded / embedded explanations would be wonderful.
Support Fatherhood - Stop Family Law
0 Kudos
3 REPLIES 3
Matti_Kurkela
Honored Contributor

‎12-16-2010 03:31 PM

‎12-16-2010 03:31 PM

Solution

Re: Verifying Linux with "...rpm -Va..."

Michael, I'm a bit disappointed. Did you RTFM?

The rpm(8) man page is rather long, and split into sections according to major functions of the rpm command. In this case, you're using -V as Verify. Under the sub-heading "VERIFY OPTIONS", you'll find a general description of what the rpm Verify function does, and the list of verify-specific options you can use with it.

The next paragraph describes the output:
----quote----
The format of the output is a string of 8 characters, a possible attribute marker:

[a list of possible attribute markers, see below]

from the package header, followed by the file name. Each of the 8 characters denotes the result of a comparison of attribute(s) of the file to the value of those attribute(s) recorded in the database. A single "." (period) means the test passed, while a single "?" (question mark) indicates the test could not be performed (e.g. file permissions prevent reading). Otherwise, the (mnemonically emBoldened) character denotes failure of the corresponding --verify test:

[list of test result indicators, see below]
----end quote----

Here are the descriptions of the characters of the first field of 8 characters (the test result indicators), straight from the output of "man rpm":

----quote----
S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readLink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs
----end quote----

If there is a character between the first field and the filename, it is an "attribute marker":
----quote----
c %config configuration file.
d %doc documentation file.
g %ghost file (i.e. the file contents are not included in the package pay
load).
l %license license file.
r %readme readme file.
----end quote----

The %-prefixed words in the attribute marker descriptions are the respective keywords you'd use in a .spec file (e.g. when making a RPM package of your own).

Examples:
......G. /usr/local/bin
= the group ownership of /usr/local/bin has been changed from the original value. Other stored attributes are unchanged.

.......T d /usr/share/info/history.info.gz
= the modification time of the documentation file history.info.gz file has been changed from the original value. Other stored attributes are unchanged.

S.5....T c /etc/syslog.conf
= the size, MD5 checksum and modification time of the configuration file /etc/syslog.conf have been changed.
(In other words, the sysadmin may have added/changed the factory default configuration in some way. Not a big surprise, since it is a configuration file after all...)

I guess the sub-heading does not hint that the manual section contains more than the option descriptions, and the tables are not in the same order as you need them... but it really isn't so very difficult to find, as the other sub-headings are rather obviously not applicable.

I honestly would like to understand what went wrong in your explanation-finding. Perhaps that would help me to write better, more usable documentation at work in the future.

MK
MK
0 Kudos
Michael Steele_2
Honored Contributor

‎12-16-2010 04:24 PM

‎12-16-2010 04:24 PM

Re: Verifying Linux with "...rpm -Va..."

Thanks again Matt
Support Fatherhood - Stop Family Law
0 Kudos
Michael Steele_2
Honored Contributor

‎12-17-2010 05:15 AM

‎12-17-2010 05:15 AM

Re: Verifying Linux with "...rpm -Va..."

RTFM!

ROFLOL

No.

I didn't.

Often times it's easier to have someone else write me a report.

Old FRDH
Support Fatherhood - Stop Family Law
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.