4e8bf6705f
- Removing extra space _ Fixing some typos Change-Id: Ib4f86c7a29074ce0150a3cd55478ed94f2d62c43
669 B
669 B
---id: RHEL-07-010020 status: implemented tag: packages ---
Ansible tasks will check the rpm -Va output (on CentOS
and RHEL) or the output of debsums (on Ubuntu) to see if
any files installed from packages have been altered. The tasks will
print a list of files that have changed since their package was
installed.
Deployers should be most concerned with any checksum failures for binaries and their libraries. These are most often a sign of system compromise or poor system administration practices.
Configuration files may appear in the list as well, but these are often less concerning since some of these files are adjusted by the security role itself.