Executing "rpm -Va" command on Red Hat Satellite 6 provides a list of configuration files whose permissions were changed post package installation.
Issue
-
Current file permissions differ from the original file permissions when the files were created during the time of package installation.
-
Executing the
rpm -Va
command on Red Hat Satellite provides a list of configuration files whose permissions were changed post package installation. -
The security team uses
rpm -Va
command to verify packages and files installed on the satellite server and the following output is observed where a list of configuration files is provided whose permissions are changed/modified post package installation:# rpm -Va --nomtime --nosize --nomd5 --nolinkto <------Truncated Output------> .M....G.. c /etc/foreman-proxy/settings.d/ansible.yml .M....G.. c /etc/foreman-proxy/settings.d/remote_execution_ssh.yml .M....G.. c /etc/foreman-proxy/settings.d/openscap.yml .M....G.. c /etc/foreman-proxy/settings.d/bmc.yml .M....G.. c /etc/foreman-proxy/settings.d/dhcp.yml .M....G.. c /etc/foreman-proxy/settings.d/dhcp_isc.yml .M....G.. c /etc/foreman-proxy/settings.d/dhcp_libvirt.yml .M....G.. c /etc/foreman-proxy/settings.d/dns.yml .M....G.. c /etc/foreman-proxy/settings.d/dns_libvirt.yml .M....G.. c /etc/foreman-proxy/settings.d/dns_nsupdate.yml .M....G.. c /etc/foreman-proxy/settings.d/dns_nsupdate_gss.yml .M....G.. c /etc/foreman-proxy/settings.d/httpboot.yml .M....G.. c /etc/foreman-proxy/settings.d/logs.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet_proxy_customrun.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet_proxy_mcollective.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet_proxy_puppet_api.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet_proxy_salt.yml .M....G.. c /etc/foreman-proxy/settings.d/puppet_proxy_ssh.yml .M....G.. c /etc/foreman-proxy/settings.d/puppetca.yml .M....G.. c /etc/foreman-proxy/settings.d/puppetca_hostname_whitelisting.yml .M....G.. c /etc/foreman-proxy/settings.d/puppetca_http_api.yml .M....G.. c /etc/foreman-proxy/settings.d/puppetca_puppet_cert.yml .M....G.. c /etc/foreman-proxy/settings.d/puppetca_token_whitelisting.yml .M....G.. c /etc/foreman-proxy/settings.d/realm.yml .M....G.. c /etc/foreman-proxy/settings.d/realm_freeipa.yml .M....G.. c /etc/foreman-proxy/settings.d/templates.yml .M....G.. c /etc/foreman-proxy/settings.d/tftp.yml .M....G.. c /etc/foreman-proxy/settings.yml .M....... /var/log/puppetlabs/puppetserver .M....... /opt/rh/rh-nodejs6 .M....... /opt/rh/rh-nodejs6/enable .M....G.. /etc/pki/pulp .M....... g /etc/pki/pulp/rsa_pub.key .M...U... c /etc/pulp/server.conf .M....... /run/foreman-proxy .....U... /etc/puppetlabs/code/environments .....U... /etc/puppetlabs/code/modules .....UG.. /opt/puppetlabs/puppet/cache .....U... /opt/puppetlabs/puppet/modules .....UG.. /var/log/puppetlabs/puppet .....UG.. /var/run/puppetlabs .M....... /var/lib/foreman-proxy/ssh ......G.. c /etc/tomcat/server.xml <------Truncated Output------>
Environment
- Red Hat Satellite 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.