Yum
Discover to which package a file belongs to
With the right Linux software tools, it is easy to find to which package a file belongs. Or the opposite, what files are part of an installed package.
Summary
Discover quickly which file(s) and package are matched together.
Yum plugins: Available plugins and built-in security support
To determine the available yum plugins, we analyze them for our goal: discovering if security support is in the yum plugins itself or built-in by default.
Summary
Enhancing yum
Determine available plugins and built-in security support
To enhance the support in our auditing tool Lynis, we wanted to know if yum supports security related functions by using a plugin or having it as built-in functionality.
Yum
Yum, or Yellowdog Updater Modified, is a software management tool for Linux based systems. Usually it is used on systems running SuSE or Red Hat based (like RHEL, Fedora or CentOS). Plugins extend the functionality of yum, to improve its functionality.
Auditing Linux: Software Packages and Managers
Article about how to audit and check installed software packages and their security by using the related package managers.
Summary
No system can do its job without any installed software packages. However after installation of the system, or running it for a while, it often becomes unclear why some software was ever installed. This article looks at methods on auditing installed software, check for security updates and the related follow-up.
Package managers
To enable system administrators to properly manage software and upgrading them, Linux uses a package manager. This suite often consists of a package database, the software packages itself and several support tools. These tools in particular are used to query the database, install/remove software and assist in the upgrade process. But as usual, there are often some less known parameters which might make your job easier. For auditors it is especially interesting to know what options are available, to gather more specific information focused on proper software management.