Month: June 2015
RPM integrity and scripts
Yum repository comes with gpg and md5 support to verify the validity of the package You can list installed gpg keys in your system via
|
1 |
rpm -qa gpg-pubkey |
It will show the unique id for the installed keys in your system gpg-pubkey-e8562897-459f07a4 gpg-pubkey-217521f6-45e8a532 To list all information related to a key rpm -qi pgp-key-unique-id
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
Name : gpg-pubkey Relocations: (not relocatable) Version : 6b8d79e6 Vendor: (none) Release : 3f49313d Build Date: Wed Jan 16 03:03:02 2013 Install Date: Wed Jan 16 03:03:02 2013 Build Host: localhost Group : Public Keys Source RPM: (none) Size : 0 License: pubkey Signature : (none) Summary : gpg(Dag Wieers (Dag Apt Repository v1.0) <dag@wieers.com>) Description : -----BEGIN PGP PUBLIC KEY BLOCK----- Version: rpm-4.4.2.3 (NSS-3) mQGiBD9JMT0RBAC9Q2B0AloUMTxaK73sD0cOu1MMdD8yuDagbMlDtUYA1aGeJVO6 TV02JLGr67OBY+UkYuC1c3PUwmb3+jakZd5bW1L8E2L705wS0129xQOZPz6J+alF 5rTzVkiefg8ch1yEcMayK20NdyOmhDGXQXNQS8OJFLTIC6bJs+7MZL83/wCg3cG3 3q7MWHm3IpJb+6QKpB9YH58D/2WjPDK+7YIky/JbFBT4JPgTSBy611+bLqHA6PXq 39tzY6un8KDznAMNtm+NAsr6FEG8PHe406+tbgd7tBkecz3HPX8nR5v0JtDT+gzN 8fM3kAiAzjCHUAFWVAMAZLr5TXuoq4lGTTxvZbwTjZfyjCm7gIieCu8+qnPWh6hm 30NgA/0ZyEHG6I4rOWqPks4vZuD+wlp5XL8moBXEKfEVOMh2MCNDRGnvVHu1P3eD oHOooVMt9sWrGcgxpYuupPNL4Uf6B6smiLlH6D4tEg+qCxC17zABI5572XJTJ170 JklZJrPGtnkPrrKMamnN9MU4RjGmjh9JZPa7rKjZHyWP/z/CBrQ1RGFnIFdpZWVy cyAoRGFnIEFwdCBSZXBvc2l0b3J5IHYxLjApIDxkYWdAd2llZXJzLmNvbT6IWQQT EQIAGQUCP0kxPQQLBwMCAxUCAwMWAgECHgECF4AACgkQog5SFGuNeeYvDQCeKHST hIq/WzFBXtJOnQkJGSqAoHoAnRtsJVWYmzYKHqzkRx1qAzL18Sd0iEYEEBECAAYF Aj9JMWAACgkQoj2iXPqnmevnOACfRQaageMcESHVE1+RSuP3txPUvoEAoJAtOHon g+3SzVNSZLn/g7/Ljfw+uQENBD9JMT8QBACj1QzRptL6hbpWl5DdQ2T+3ekEjJGt llCwt4Mwt/yOHDhzLe8SzUNyYxTXUL4TPfFvVW9/j8WOkNGvffbs7g84k7a5h/+l IJTTlP9V9NruDt1dlrBe+mWF6eCY55OFHjb6nOIkcJwKxRd3nGlWnLsz0ce9Hjrg 6lMrn0lPsMV6swADBQP9H42sss6mlqnJEFA97Fl3V9s+7UVJoAIA5uSVXxEOwVoh Vq7uECQRvWzif6tzOY+vHkUxOBRvD6oIU6tlmuG3WByKyA1d0MTqMr3eWieSYf/L n5VA9NuD7NwjFA1kLkoDwfSbsF51LppTMkUggzwgvwE46MB6yyuqAVI1kReAWw+I RgQYEQIABgUCP0kxPwAKCRCiDlIUa4155oktAKDAzm9QYbDpk6SrQhkSFy016BjE BACeJU1hpElFnUZCL4yKj4EuLnlo8kc= =mqUt-----END PGP PUBLIC KEY BLOCK----- |
It
RedHat Packaging Security with yum
RedHat comes with a mitigated package called RHSA (RedHat security advisory) This RHSA comes with a unique id like CVE Contain the date of fix and these type packages come for the applications that shipped from RedHat Example RHSA-2015:0291 For listing available updates for application
|
1 2 3 4 5 |
yum updateinfo list openssl FEDORA-2015-0512 security openssl-1:1.0.1k-1.fc21.x86_64 FEDORA-2015-4303 security openssl-1:1.0.1k-6.fc21.x86_64 FEDORA-2015-10108 security openssl-1:1.0.1k-10.fc21.x86_64 |
For quick installation to security batches