{"id":5473,"date":"2015-12-21T17:40:24","date_gmt":"2015-12-21T09:40:24","guid":{"rendered":"http:\/\/rmohan.com\/?p=5473"},"modified":"2015-12-21T17:40:24","modified_gmt":"2015-12-21T09:40:24","slug":"verify-package-integrity-using-rpm","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=5473","title":{"rendered":"Verify Package Integrity Using RPM"},"content":{"rendered":"<div class=\"header\"><\/div>\n<div class=\"entry\">\n<p><strong>Verify Package Integrity Using RPM<\/strong><\/p>\n<p>The RPM package management system includes the ability to verify the integrity of installed packages by comparing the installed files with information about the files taken from the package metadata stored in the RPM database.<\/p>\n<p>Although an attacker could corrupt the RPM database (analogous to attacking the AIDE database as described above), this check can still reveal modification of important files. To determine which files on the system differ from what is expected by the RPM database:<\/p>\n<div class=\"dean_ch\">\n<div class=\"de1\"># rpm -qVa<\/div>\n<\/div>\n<p>A \u201cc\u201d in the second column indicates that a file is a configuration file (and may be expected to change). In order to exclude configuration files from this list, run:<\/p>\n<div class=\"dean_ch\">\n<div class=\"de1\"># rpm -qVa | awk \u2018$2!=\u201dc\u201d {print $0}\u2019<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"\n<p>Verify Package Integrity Using RPM<\/p>\n<p>The RPM package management system includes the ability to verify the integrity of installed packages by comparing the installed files with information about the files taken from the package metadata stored in the RPM database.<\/p>\n<p>Although an attacker could corrupt the RPM database (analogous to attacking the AIDE database [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,17],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5473"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5473"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5473\/revisions"}],"predecessor-version":[{"id":5474,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5473\/revisions\/5474"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}