[Yum] idea for system verification via python+rpm
Dmitry S. Makovey
dmitry at athabascau.ca
Tue Aug 12 17:05:18 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On August 12, 2003 10:57 am, seth vidal wrote:
> > I've been trying to implement remote checks of rpmdb etc. but stuck with
> > RH7.2 and rpm4.0.4 because latter doesn't want to perform
> > rpm -Uvh --dbpath /somehere/on/secure/site --justdb x.rpm
> > I found some people were complaining about it long time ago, but no
> > receipie or fix was released :(
>
> I wouldn't recommend the remote checks of an rpmdb - that's just going
> to get big and not easy to maintain.
I probably have to rephrase it - we want to install same package on server and
in "shadow" rpmdb (reminder - we do central package distribution - control
server pushes packages to local servers). This way if system is tampered we
can burn rpmdb on CD, and check whole system for changed files etc. Something
like Tripwire ;) Plus we can keep track of packages on the server so it's
easy to rebuild/duplicate server in case of emergency.
- --
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)
iD8DBQE/OR5OyDrVuGfS98QRAhg8AKCvYQqSjRvW2+EBlRZBeo/3uQAvBgCgqkw1
Dn8RzGCqbuCcw4XZrEwh/PM=
=y6ob
-----END PGP SIGNATURE-----
More information about the Yum
mailing list