On Sat, Nov 15, 2008 at 5:59 AM, Martin Flemming <martin.flemming at desy.de> wrote:
Yep, somedays ago i've "found" pca too, and a xymon-module for it will be great !
.. maybe for redhat-clones there will be yum to use, has got somebody work for it ? :-)
I had one of our students write a package auditing script for RHEL 5.1, something to match the NetBSD pkgsrc security auditing script we use on all our NetBSD machines. The RHEL version requires 'yum install yum-security' and consists of: yum-audit - checks security status of yum installed packages on RHEL 5.1 and greater yum-get-audit-script - to be set up as a root cron job to pull the security statuses from yum yum-cve.ignore - an example CVE ignore file to tell the script with CVE's to mark as green - its location is specified in the yum-audit script
If others are interested, I'll see about making them available.
-Tracy