Chas. Owens

Asked: 2011-06-18 12:06:41 +0800 CST2011-06-18 12:06:41 +0800 CST 2011-06-18 12:06:41 +0800 CST

Is it possible to use RPM as a poor man's tripwire?

I know about rpm's -V option that tells me if files installed via RPMs have not been modified, but is there a simple way to get rpm to tell me if any files in a given directory were not installed by RPM? I figure I can use --whatprovides on each file, but is there a faster way?

2 Answers

Voted

Mike
2011-06-18T12:12:17+08:002011-06-18T12:12:17+08:00
why not use the opensource tripwire?

http://sourceforge.net/projects/tripwire/
4
Sven
2011-06-18T12:12:47+08:002011-06-18T12:12:47+08:00
Regardless of the feasibility of this I don't think it would be a good idea. The reason is that anyone who could modify a critical file (presumably only writeable by root) could alter the RPM database as well.
3

Is it possible to use RPM as a poor man's tripwire?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?