On Fri, Jun 7, 2013 at 2:06 AM, Troy Dawson <tdawson@xxxxxxxxxx> wrote: > Is there an official Fedora way for telling is something is hardened > correctly? > I'm working on hardening mongodb, and I think I have it right, but I'd > really like to check. > > I was given a couple of scripts, which had dependencies not in Fedora, which > then had dependencies not in Fedora, and so forth. At the third level of > dependencies, I figured there had to be a more official way. Were you trying to use https://github.com/kholia/checksec ? checksec is dependant on python-libarchive and pyelftools packages which haven't been packaged for Fedora so far. The following steps should suffice to get checksec working on Fedora systems, $ sudo yum install libarchive-devel python-virtualenv $ virtualenv --system-site-packages ~/venv $ source ~/venv/bin/activate (venv) $ pip install python-libarchive pyelftools (venv) $ cd ~/checksec # the git clone (venv) $ ./checksec.py /usr/bin/mongod You can also run scanner.py on the MongoDB rpm directly (without installing it). ... Can we please get python-libarchive and pyelftools packaged for Fedora? -- Dhiru -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
