Feature changed by: Robert Davies (robopensuse) Feature #306655, revision 8 Title: zypper: new command needed openSUSE-11.2: Rejected by Michael Löffler (michl19) reject date: 2009-08-11 14:54:41 reject reason: too late for 11.2, moved to 11.3 Priority Requester: Important openSUSE-11.3: Unconfirmed Priority Requester: Important Requested by: Sascha Manns (saigkill) Description: Today my X-System crashed. So i become an Idea. It would be graeat, if we can implement an Function in zypper, who search the whole RPM- Database, and detects Errors with the installed Packages. And if he found Errors, that he connects to the Net and reinstalls the broken Packages. Discussion: #1: Rémy Marquis (spyhawk) (2009-07-06 12:20:26) I don't quite follow you. Is the requested feature different from the "zypper verify" command ? #2: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:11) Yip; this sounds quite like a request for a tool that I have recently implemented: http://wwwu.edu.uni-klu.ac.at/estellnb/checkroot/ That one comes out of a security context and can even prevent a cracker from hiding his traces to file changes. However the tool is still under developement (especially the re-dld feature). Perhaps you wanna give it a try (or wait vor v1.0). A totally different approach to your request would be feature 306508. Such md5sum lists could directly determine illegally aletered files wherupon applying an rpm -qf on these files would give you a list of packages to be reinstalled. #3: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:34) https://features.opensuse.org/306508 (link to md5sum feature). #4: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:41:52) vote for it! #5: Sascha Manns (saigkill) (2009-07-17 12:30:01) Great. Checkroot is what i mean. :-) I try it out... #6: Michael Löffler (michl19) (2009-08-11 14:56:31) (reply to #5) Does feature #306505 address your need, Sascha? And we can close this one or is more investigation needed? + #7: Robert Davies (robopensuse) (2009-11-30 23:01:27) + Leaving out the intrustion detection feature mentioned in 306508 (MD5 + alone should be considered broken for intrustion detection purposes), + software packages like tripwire existed for that since mid-90's. + @spyhawk - this is asking for rpm verify, plus automagic refresh of + rpm; not dependency checking + Wouldn't this belong in some repair module, with verification by boot + DVD/CD against external repo? -- openSUSE Feature: https://features.opensuse.org/306655