Am 23.02.2013 um 05:52 schrieb Karanbir Singh <mail-lists at karan.org>: > On 02/22/2013 09:35 PM, Leon Fauster wrote: >> i use following script to scan top level >> directories for files that are not packaged: > > If you trust your rpm-db, ... i used to scan this list rpm -qa --qf '%{NAME}-%{SIGGPG:pgpsig}-%{SIGPGP:pgpsig}-%{VENDOR}\n' and checked them against keys that are _not_ in /etc/pki/rpm-gpg/. Just as a normal sanity check (plus rpm -V). i aware that this does not substitute a real auditing solution. -- LF