Feature changed by: Elmar Stellnberger ATK (estellnb) Feature #306655, revision 3 Title: zypper: new command needed openSUSE-11.2: Unconfirmed Priority Requester: Important Requested by: Sascha Manns (saigkill) Description: Today my X-System crashed. So i become an Idea. It would be graeat, if we can implement an Function in zypper, who search the whole RPM- Database, and detects Errors with the installed Packages. And if he found Errors, that he connects to the Net and reinstalls the broken Packages. Discussion: #1: Rémy Marquis (spyhawk) (2009-07-06 12:20:26) I don't quite follow you. Is the requested feature different from the "zypper verify" command ? + #2: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:11) + Yip; this sounds quite like a request for a tool that I have recently + implemented: + http://wwwu.edu.uni-klu.ac.at/estellnb/checkroot/ + That one comes out of a security context and can even prevent a cracker + from hiding his traces to file changes. However the tool is still under + developement (especially the re-dld feature). Perhaps you wanna give it + a try (or wait vor v1.0). +   A totally different approach to your request would be feature 306508. + Such md5sum lists could directly determine illegally aletered files + wherupon applying an rpm -qf on these files would give you a list of + packages to be reinstalled. +   + #3: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:34) + https://features.opensuse.org/306508 (link to md5sum feature). + #4: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:41:52) + vote for it! -- openSUSE Feature: https://features.opensuse.org/306655

Feature changed by: Andreas Jaeger (a_jaeger) Feature #306655, revision 5 Title: zypper: new command needed - openSUSE-11.2: Unconfirmed + openSUSE-11.2: Evaluation Priority Requester: Important Requested by: Sascha Manns (saigkill) Description: Today my X-System crashed. So i become an Idea. It would be graeat, if we can implement an Function in zypper, who search the whole RPM- Database, and detects Errors with the installed Packages. And if he found Errors, that he connects to the Net and reinstalls the broken Packages. Discussion: #1: Rémy Marquis (spyhawk) (2009-07-06 12:20:26) I don't quite follow you. Is the requested feature different from the "zypper verify" command ? #2: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:11) Yip; this sounds quite like a request for a tool that I have recently implemented: http://wwwu.edu.uni-klu.ac.at/estellnb/checkroot/ That one comes out of a security context and can even prevent a cracker from hiding his traces to file changes. However the tool is still under developement (especially the re-dld feature). Perhaps you wanna give it a try (or wait vor v1.0).   A totally different approach to your request would be feature 306508. Such md5sum lists could directly determine illegally aletered files wherupon applying an rpm -qf on these files would give you a list of packages to be reinstalled. #3: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:34) https://features.opensuse.org/306508 (link to md5sum feature). #4: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:41:52) vote for it! -- openSUSE Feature: https://features.opensuse.org/306655

Feature changed by: Michael Löffler (michl19) Feature #306655, revision 7 Title: zypper: new command needed - openSUSE-11.2: Evaluation + openSUSE-11.2: Rejected by Michael Löffler (michl19) + reject date: 2009-08-11 14:54:41 + reject reason: too late for 11.2, moved to 11.3 Priority Requester: Important + openSUSE-11.3: Unconfirmed + Priority + Requester: Important Requested by: Sascha Manns (saigkill) Description: Today my X-System crashed. So i become an Idea. It would be graeat, if we can implement an Function in zypper, who search the whole RPM- Database, and detects Errors with the installed Packages. And if he found Errors, that he connects to the Net and reinstalls the broken Packages. Discussion: #1: Rémy Marquis (spyhawk) (2009-07-06 12:20:26) I don't quite follow you. Is the requested feature different from the "zypper verify" command ? #2: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:11) Yip; this sounds quite like a request for a tool that I have recently implemented: http://wwwu.edu.uni-klu.ac.at/estellnb/checkroot/ That one comes out of a security context and can even prevent a cracker from hiding his traces to file changes. However the tool is still under developement (especially the re-dld feature). Perhaps you wanna give it a try (or wait vor v1.0).   A totally different approach to your request would be feature 306508. Such md5sum lists could directly determine illegally aletered files wherupon applying an rpm -qf on these files would give you a list of packages to be reinstalled. #3: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:34) https://features.opensuse.org/306508 (link to md5sum feature). #4: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:41:52) vote for it! #5: Sascha Manns (saigkill) (2009-07-17 12:30:01) Great. Checkroot is what i mean. :-) I try it out... + #6: Michael Löffler (michl19) (2009-08-11 14:56:31) (reply to #5) + Does feature #306505 address your need, Sascha? And we can close this + one or is more investigation needed? -- openSUSE Feature: https://features.opensuse.org/306655

Feature changed by: Andreas Jaeger (a_jaeger) Feature #306655, revision 9 Title: zypper: new command needed openSUSE-11.2: Rejected by Michael Löffler (michl19) reject date: 2009-08-11 14:54:41 reject reason: too late for 11.2, moved to 11.3 Priority Requester: Important - openSUSE-11.3: Unconfirmed + openSUSE-11.3: Rejected by Andreas Jaeger (a_jaeger) + reject date: 2010-11-15 09:48:40 + reject reason: Not done in time for openSUSE 11.3. Priority Requester: Important Requested by: Sascha Manns (saigkill) Description: Today my X-System crashed. So i become an Idea. It would be graeat, if we can implement an Function in zypper, who search the whole RPM- Database, and detects Errors with the installed Packages. And if he found Errors, that he connects to the Net and reinstalls the broken Packages. Discussion: #1: Rémy Marquis (spyhawk) (2009-07-06 12:20:26) I don't quite follow you. Is the requested feature different from the "zypper verify" command ? #2: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:11) Yip; this sounds quite like a request for a tool that I have recently implemented: http://wwwu.edu.uni-klu.ac.at/estellnb/checkroot/ That one comes out of a security context and can even prevent a cracker from hiding his traces to file changes. However the tool is still under developement (especially the re-dld feature). Perhaps you wanna give it a try (or wait vor v1.0).   A totally different approach to your request would be feature 306508. Such md5sum lists could directly determine illegally aletered files wherupon applying an rpm -qf on these files would give you a list of packages to be reinstalled. #3: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:40:34) https://features.opensuse.org/306508 (link to md5sum feature). #4: Elmar Stellnberger ATK (estellnb) (2009-07-06 13:41:52) vote for it! #5: Sascha Manns (saigkill) (2009-07-17 12:30:01) Great. Checkroot is what i mean. :-) I try it out... #6: Michael Löffler (michl19) (2009-08-11 14:56:31) (reply to #5) Does feature #306505 address your need, Sascha? And we can close this one or is more investigation needed? #7: Robert Davies (robopensuse) (2009-11-30 23:01:27) Leaving out the intrustion detection feature mentioned in 306508 (MD5 alone should be considered broken for intrustion detection purposes), software packages like tripwire existed for that since mid-90's. @spyhawk -  this is asking for rpm verify, plus automagic refresh of rpm; not dependency checking Wouldn't this belong in some repair module, with verification by boot DVD/CD against external repo? -- openSUSE Feature: https://features.opensuse.org/306655