Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* rpm-plugins for plugins in general * selinux plugin * syslog plugin * audit plugin * prioreset plugin * ima plugin
- Loading branch information
Showing
7 changed files
with
199 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
'\" t | ||
.TH "RPM-AUDIT" "8" "28 Jan 2020" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugin-audit \- Audit plugin for the RPM Package Manager | ||
|
||
.SH Description | ||
|
||
The plugin writes basic information about rpm transactions to the | ||
audit log - like packages installed or removed. The entries can be | ||
viewed with | ||
|
||
.B ausearch -m SOFTWARE_UPDATE | ||
|
||
|
||
.SS Data fields | ||
|
||
The entries in the audit log have the following fields: | ||
|
||
.TP | ||
.B Field | ||
.B Possible values Description | ||
|
||
.TP | ||
.B op | ||
install/update/remove package operation | ||
|
||
.TP | ||
.B sw | ||
name-version-release.arch of the package | ||
.TP | ||
.B key_enforce | ||
0/1 are signatures being enforced | ||
.TP | ||
.B gpg_res | ||
0/1 result of signature check (0 == fail / 1 ==success) | ||
.TP | ||
.B root_dir | ||
Root directory of the operation, normally "/" | ||
.TP | ||
.B sw_type | ||
"rpm" package format | ||
|
||
|
||
.SH Configuration | ||
|
||
There are currently no options for this plugin in particular. See | ||
.BR rpm-plugins (8) | ||
on how to control plugins in general. | ||
|
||
.SH SEE ALSO | ||
.IR ausearch (8) | ||
.IR rpm-plugins (8) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
.TH "RPM-IMA" "8" "28 Jan 2020" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugin-ima \- IMA plugin for the RPM Package Manager | ||
|
||
.SH Description | ||
|
||
Integrity Measurement Architecture (IMA) and the Linux Extended | ||
Verification Module (EVM) allow to detect when files have been | ||
accidentally or maliciously altered. This plugin puts IMA/EVM | ||
signatures in the \fIsecurity.ima\fR extended file attribute during | ||
installation. This requires packages to contain the signatures - | ||
typically by being signed with \fBrpmsign --signfiles\fR. | ||
|
||
.SH Configuration | ||
|
||
The \fI%_ima_sign_config_files\fR macro controls whether signatures | ||
should also be written for config files. | ||
|
||
See | ||
.BR rpm-plugins (8) | ||
on how to control plugins in general. | ||
|
||
.SH SEE ALSO | ||
.IR evmctl (1) | ||
.IR rpmsign (8) | ||
.IR rpm (8) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
.TH "RPM-PRIORESET" "8" "28 Jan 2020" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugin-prioreset \- Plugin for the RPM Package Manager to fix | ||
issues with priorities of deamons on SysV init | ||
|
||
.SH Description | ||
|
||
In general scriptlets run with the same priority as rpm | ||
itself. However on legacy SysV init systems, properties of the parent | ||
process can be inherited by the actual daemons on restart. As a | ||
result daemons may end up with unwanted nice or ionice values. This | ||
plugin resets the scriptlet process priorities after forking, and can | ||
be used to counter that effect. Should not be used with systemd | ||
because the it's not needed there, and the effect is | ||
counter-productive. | ||
|
||
.SH Configuration | ||
|
||
There are currently no options for this plugin in particular. See | ||
.BR rpm-plugins (8) | ||
on how to control plugins in general. | ||
|
||
.SH SEE ALSO | ||
.IR rpm (8) | ||
.IR rpm-plugins (8) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
.TH "RPM-SELINUX" "8" "14 Apr 2016" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugin-selinux \- SELinux plugin for the RPM Package Manager | ||
|
||
.SH Description | ||
|
||
The plugin sets SELinux contexts for installed files and executed | ||
scriptlets. It needs SELinux to be enabled to work but will work in | ||
both enforcing and permissive mode. | ||
|
||
.SH Configuration | ||
|
||
The plugin can be disabled temporarily by passing \fB--nocontexts\fR | ||
at the RPM command line or setting the transaction flag | ||
\fBRPMTRANS_FLAG_NOCONTEXTS\fR in the API. | ||
|
||
See | ||
.BR rpm-plugins (8) | ||
on how to control plugins in general. | ||
|
||
.SH SEE ALSO | ||
.IR rpm (8) | ||
.IR rpm-plugins (8) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
.TH "RPM-SYSLOG" "8" "14 Apr 2016" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugin-syslog \- Syslog plugin for the RPM Package Manager | ||
|
||
.SH Description | ||
|
||
The plugin writes basic information about rpm transactions to the syslog - like transactions run and packages installed or removed. | ||
|
||
.SH Configuration | ||
|
||
There are currently no options for this plugin in particular. See | ||
.BR rpm-plugins (8) | ||
on how to control plugins in general. | ||
|
||
.SH SEE ALSO | ||
.IR rpm (8) | ||
.IR rpm-plugins (8) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
.TH "RPM-PLUGINS" "8" "29 Jan 2020" "Red Hat, Inc." | ||
.SH NAME | ||
rpm-plugins \- Plugins for the RPM Package Manager | ||
|
||
.SH Description | ||
|
||
RPM plugins provide functionality that is not suited to be used | ||
everywhere. They may not be built or shipped on some platforms or may | ||
not be installed or be disabled on some systems. | ||
|
||
This allows plugins to interface with systems that may not acceptable | ||
as a dependency for RPM and to provide functionality that may be | ||
unwanted under some circumstances. | ||
|
||
For now the plugin API is internal only. So there is a limited number of | ||
plugins in the RPM sources. | ||
|
||
.SH Configuration | ||
|
||
Some plugins can be configured by specific macros or influenced by | ||
command line parameters. But most can only be turned on or off. See | ||
the plugin's man page for details. | ||
|
||
Plugins are controlled by a macro \fI%__transaction_NAME\fR which is | ||
set to the location of the plugin file. Undefining the macro | ||
or setting it to \fI%{nil}\fR will prevent the plugin from being run. | ||
|
||
This can be done on the RPM command line e.g. with | ||
\fB--undefine=__transaction_syslog\fR. To disable a plugin | ||
permantently drop a file in \fI/etc/rpm/\fR that contains | ||
|
||
__transaction_NAME %{nil} | ||
|
||
Another option is to remove the plugin from the system if it is | ||
packaged in its own sub package. | ||
|
||
For some operations it may be desirable to disable all plugins at | ||
once. This can be done by passing \fB--noplugins\fR to \fBrpm\fR at | ||
the command line. | ||
|
||
.SH SEE ALSO | ||
.IR rpm (8) | ||
.IR rpm-plugin-audit (8) | ||
.IR rpm-plugin-ima (8) | ||
.IR rpm-plugin-prioreset (8) | ||
.IR rpm-plugin-selinux (8) | ||
.IR rpm-plugin-syslog (8) | ||
.IR rpm-plugin-systemd-inhibit (8) |