Bug 58910
Summary: | [4.2]: feeding RPM update info to tripwire | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Alexandre Oliva <aoliva> |
Component: | rpm | Assignee: | Jeff Johnson <jbj> |
Status: | CLOSED DUPLICATE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | Keywords: | FutureFeature |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2002-11-16 20:31:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Alexandre Oliva
2002-01-27 19:15:09 UTC
If the RFE gets into rpm, then python bindings are the only impediment to using in up2date. Whether RHN chooses to do that is a different matter ... Thanks for entering the bug report. Re-implementing tripwire within rpm looks very doable, will probably take a shot at an implementation this summer ... FYI: rpm-4.1-0.53 and later now verifies header/digests/signatures whenever a header is read. AFAICT There are 3 things that remain to duplicate tripwire functionality on top of an rpm database: a) (easy) sign all the database files in order to detect any modification. b) (moderate) steal a tripwire configuration paradigm, remapping duplicated functionality onto existing verify CLI bits. c) (moderate) walk the file tree to find files not under package management, and %ghost those files into a separate, virtual package header. This ain't gonna happen for rpm-4.1, will be addressed in rpm-4.2 |