On Mon, 12 Apr 2004, Aaron Bostick wrote: > rpm -V allows me to see what files in a package have been modified by > checksum, group/owner, permissions, and I think even mtime/ctime? > > This is all great, however if something does show up wrong, the only > way to "fix" from an rpm standpoint is to reinstall the whole package. > You can use rpm2cpio to pull the individual file. For instance, if file /blah/ooo of package foo had a checksum mismatch you could do: cd / rpm2cpio /path/to/package/foo | cpio -id ./blah/ooo And this would put the original file back. > What I would love, is the ability, provided you have access to the > original rpm file, to "repair" the rpm install by only fixing what > shows up as changed from the output from rpm -V. e.g. if a file had > mode 644 originally but now shows 755, the repair would just put it > back to 644 without copying all the other files. > > To put this in context, I would use something like this in an > environment where I had automated package management using a tool like > cfengine or the like. For example, a host based IDS (think tripwire) > runs or even use rpm -V, and it detects a change. Depending on the > change, backup the file for later forensic investigation and automatically > replace it with the known good copy using the new rpm repair command. > All of this is done while you are at home sleeping. :) > > Of course I could do this now by reinstalling the whole package whenever > I see a change, but that seems like such horrible overkill, and on > big rpms, could be slow. > And could generate new errors depending on what their scriptlets are doing. Cheers...james > Would anyone else like this kind of feature or is there a better way > to do something like this? > > Thanks, > Aaron > > _______________________________________________ Rpm-list mailing list Rpm-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/rpm-list
