CentOS Fedora

Verify RPM package integrity

In the case of Centos/RedHat OS, RPM tool can be used to verify the integrity of the installed package and check if any of the package has been compromised or not. RPM maintains a local database of all your packages installed in the system.

‘rpm -V packagename’ can be used to test package integrity.  If anything has changed, it outputs with following symbols.

       S = File size changed 
       M = File mode changed
       5 = MD5 checksum changed 
       L = Symlink changed 
       U = Owner changed 
       G = Group changed 
       T = Modification time changed 
       c = it is a configuration file that has changed
       missing = file is gone.

If the package is all good and nothing related to it has changed, then it won’t output anything.

This  information helps us to know if anyone has replaced original binary files with some hacked binaries or if anything that is not supposed to be changed has been modified.

For eg:

rpm -V sudo-1.7.2p1-22.el5
S.5….T  c /etc/sudoers

Here, it indicates that a configuration file /etc/sudoers file that is related with  sudo package has been modified. As a reason, its MD5 checksum has also changed.

Related Articles

  • How to Manage a Linux Server with systemd

    What Operating Systems Have Adopted systemd? CentOS: Yes, by default since CentOS 7 Fedora: Yes, since the release of Fedora 15 RedHat: Yes Debian: Yes, shipped since Debian 7 as...
  • Disable SELinux

    Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism implemented in the Linux kernel. This mechanism adds an extra layer of access security to your files,directories,devices, ports and...
  • A Basic Overview of the Vim Text Editor

    Many articles in our Webair Community advise editing configuration files. We usually recommend using your preferred text editor. I personally prefer vim. Vim, or its older sibling vi, are installed...
  • How to List Which Apache 2 Modules are Enabled on CentOS 6.x

    View Loaded Apache Modules Just one command: apachectl -M Or, if you want to view the list in alphabetical order: apachectl -M | sort Or, if you want to view...