There is a way to verify files related to specific package against original RPM content:
# Verify `vsftpd` package.
rpm -V vsftpd
How to complete the chain and verify that rpm command itself hasn't been changed?
If I replace rpm by a script which always succeeds, this type of verification will never fail.
OpenVPN unit file is parameterized (see @):
> ls /usr/lib/systemd/system/openvpn*
/usr/lib/systemd/system/[email protected]
The problem is that I cannot list the parameterized service names by systemctl command if they are disabled even with option --all:
> systemctl --full --all -t service | grep openvpn
However, I can still list names of non-parameterized disabled services (iptables in this example):
> systemctl --full --all -t service | grep iptables
iptables.service loaded inactive dead IPv4 firewall with iptables
How to get list of all units even if some of them are parameterized?
The question is actually more complicated (I could easily list available unit files to answer myself). However, the problem is in the inconsistency.
[email protected] service is enabled, it can be listed by the above command.[email protected] service is disabled, it cannot.It seems like an obvious bug (or limitation of the fact that systemd does not probably understand whether parameterized service is actually configured when we enable it). However, I rather ask the crowd than jump into this conclusion.
The alternatives command (package chkconfig) on RHEL/Fedora manages symlinks which link a generic name to one of the alternative implementations. For example, mta group of symlinks can be provided by Sendmail and Postfix (to implement i.e. sendmail command):
alternatives --display mta
While I can --display a group of symlinks, I need to guess its name first (i.e. mta).
Can I simply list all possible configurable symlink groups (like mta) to pick from?
The reason is that I forget some group names occasionally.