After a minor security incident you are instructed by your lead sys-admin to verify the RPM’s installed on a running system.
Which command will create a complete report which you can analyze for changes which may be security related?
A.
rpm -Va > report
B.
rpm -Qavy > report
C.
rpm -Vqt –nomd5 > report
D.
rpm –checkfiles > report
E.
rpm -Va –nofiles > report
Explanation:
-Qavy is an invalid option, as is –checkfiles.
–nomd5 is a deprecated option
–nofiles would disable checking of any files in the packagesExample
rpm -Va ncurses
S…….. /usr/bin/captoinfo
S…….. /usr/bin/clear
S…….. /usr/bin/infocmp
S…….. /usr/bin/infotocap
[…]
would indicate that the file size has changed since installing the files.