RPM_CHECK

The “RPM_CHECK” audit check is used to check the version numbers of installed RPM packages on the remote system. This check consists of four mandatory keywords (type, description, rpm, and operator) and one optional keyword (required). The rpm keyword is used to specify the package to look for and the operator keyword specifies the condition to pass or fail the check based on the version of the installed RPM package.

Note: Using the RPM checks is not portable across Linux distributions. Therefore, using RPM_CHECK is not considered portable.

Examples

These examples assume that you have installed iproute-2.4.7-10.

<custom_item>

type: RPM_CHECK

description: "RPM check for iproute-2.4.7-10 - should pass"

rpm: "iproute-2.4.7-10"

operator: "gte"

</custom_item>

<custom_item>

type: RPM_CHECK

description: "RPM check for iproute-2.4.7-10 should fail"

rpm: "iproute-2.4.7-10"

operator: "lt"

required: YES

</custom_item>

<custom_item>

type: RPM_CHECK

description: "RPM check for iproute-2.4.7-10 should fail"

rpm: "iproute-2.4.7-10"

operator: "gt"

required: NO

</custom_item>

<custom_item>

type: RPM_CHECK

description: "RPM check for iproute-2.4.7-10 should pass"

rpm: "iproute-2.4.7-10"

operator: "eq"

required: NO

</custom_item>