[hobbit] monitoring patch status?

Tracy Di Marco White gendalia at iastate.edu
Sun Nov 16 08:17:02 CET 2008


On Sat, Nov 15, 2008 at 5:59 AM, Martin Flemming
<martin.flemming at desy.de> wrote:
>
> Yep, somedays ago i've "found" pca  too,
> and a xymon-module for it will be great !
>
> .. maybe for redhat-clones there will be yum to use,
> has got somebody work for it ? :-)

I had one of our students write a package auditing script for RHEL
5.1, something to match the NetBSD pkgsrc security auditing script we
use on all our NetBSD machines.  The RHEL version requires 'yum
install yum-security' and consists of:
yum-audit - checks security status of yum installed packages on RHEL 5.1
            and greater
yum-get-audit-script - to be set up as a root cron job to pull the security
            statuses from yum
yum-cve.ignore - an example CVE ignore file to tell the script with CVE's
            to mark as green
               - its location is specified in the yum-audit script

If others are interested, I'll see about making them available.

-Tracy



More information about the Xymon mailing list