Re: [hobbit] monitoring patch status?

["T.J. Yang" <tj_yang (at) hotmail.com>]

--------------------------------------------------
From: "Tracy Di Marco White" <gendalia (at) iastate.edu>
Sent: Sunday, November 16, 2008 1:17 AM
To: <hobbit (at) hswn.dk>
Subject: Re: [hobbit] monitoring patch status?

> On Sat, Nov 15, 2008 at 5:59 AM, Martin Flemming
> <martin.flemming (at) desy.de> wrote:
> > Yep, somedays ago i've "found" pca  too,
> > and a xymon-module for it will be great !
> >
> > .. maybe for redhat-clones there will be yum to use,
> > has got somebody work for it ? :-)
>
> I had one of our students write a package auditing script for RHEL
> 5.1, something to match the NetBSD pkgsrc security auditing script we
> use on all our NetBSD machines.


> The RHEL version requires 'yum
> install yum-security' and consists of:
> yum-audit - checks security status of yum installed packages on RHEL 5.1
>            and greater


I have RH machines ranging from RH9 to RHEL4.

My interest is to learn how to implement counter part of Solaris pca that 
compare with a
central patch/package database file(s) on web server. Audit is the main 
interest here.
This way xymon-pca module can report missed patchs/pkgs on one single 
column.


> yum-get-audit-script - to be set up as a root cron job to pull the 
> security
>            statuses from yum
> yum-cve.ignore - an example CVE ignore file to tell the script with CVE's
>            to mark as green
>               - its location is specified in the yum-audit script
>
> If others are interested, I'll see about making them available.

I am interested about the *.src.rpm to see/learn how you did it.

tj


> -Tracy
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe (at) hswn.dk