[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-security] check-rpms version 3.0.0 available



Dear linux-security subscribers:

I wrote a new version of the check-rpms script, see

http://www.sfu.ca/acs/security/linux/check-rpms.html

You can download the new version from that web site.
Here is a list of the main changes:

  - added support for SuSE Linux (tested with SuSE-9.0) and for Fedora Linux
    (tested with Fedora 1)
  - new --install-kernel option added to support kernel installations
  - new --exclude option added to exclude package from being updated
  - new --rpmopts option for passing options to the rpm command
  - added checks for multiple installed packages, e.g., check-rpms will
    no longer list an installed kernel package just because there is
    also an older (obsolete) kernel installed.

I encourage you to try out the new version. Since this is a substantial
rewrite/extension of the older version it is very well possible that
it contains a few bugs. Please, report those bugs you run into back to
me: OHTERWISE THEY DON'T GET FIXED!

A comment with respect to the SuSE support: SuSE comes with its own
update system: yast-online-update. You may very well want to use this
instead of check-rpms (I am still in the process of learning to do
things under SuSE).

An update to the Linux distributions on sphinx.sfu.ca (see also
the check-rpms.html web pages above):

- the RedHat 7.1 and 7.2 distributions have been deleted

- the RedHat 7.3 distribution is frozen in its current state

- a new SFU 1.0 distribution exists now: this distribution contains
  updates for RedHat 7.3 after Dec. 31, 2003. I recommend to do the
  following:
  1) mount the RedHat 7.3 distribution from sphinx (as explained on
     the check-rpms web page).
  2) run check-rpms using that mounted distribution and update your
     packages (until "check-rpms" does not generate any output anymore).
  3) unmount the RedHat 7.3 distribution
  4) mount the SFU 1.0 distribution
  5) change the $RPMDIR variable in /usr/local/etc/check-rpms.conf so
     that it corresponds to the SFU 1.0 distribution, e.g.,
     /mnt/sfu/RPMS.
  6) run check-rpms again (it should be using the new distribution now,
     but it may not generate any output: there are only 3 packages
     currently in the SFU distribution:
     check-rpms-3.0.0-1.noarch.rpm
     ethereal-0.10.0a-0.73.1.i386.rpm
     ethereal-gnome-0.10.0a-0.73.1.i386.rpm

- the SuSE-9.0 distribution is available and gets updated regularly.
  (the early bugs that some packages could not be found are fixed).
  There exists one problem that I have not fixed though:
  there is an unsatisfied dependency for the OpenOffice packages:
  libjawt.so cannot be found. The problem is that libjawt.so is part
  of the java runtime environment (jre) which is not part of the SuSE
  distribution because it is not GPL. The solution is to click on
  "ignore dependency" and install the jre from java.sun.com (or
  www.blackdown.org) later. Actually OpenOffice works fine without
  java, thus I am somewhat surprised that the rpm packages has been
  compiled with that annoying dependency. I'll investigate whether
  this can be fixed.

- a Fedora core 1 distribution will be installed in the near future.
  Currently I recommend to use the ftp.nrc.ca server that has Fedora
  updates in the /pub/systems/linux/redhat/fedora/linux/core/updates/1
  directory.

Comments with respect to these changes are welcome!

Cheers,
Martin

-- 
Martin Siegert
Manager, Research Services
WestGrid Site Manager
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert@sfu.ca
Canada  V5A 1S6