SV-214799r603261_rule
V-214799
SRG-OS-000480-GPOS-00227
RHEL-07-010020
CAT I
10
Run the following command to determine which package owns the file:
# rpm -qf <filename>
The package can be reinstalled from a yum repository using the command:
# sudo yum reinstall <packagename>
Alternatively, the package can be reinstalled from trusted media using the command:
# sudo rpm -Uvh <packagename>
Verify the cryptographic hash of system files and commands match the vendor values.
Check the cryptographic hash of system files and commands with the following command:
Note: System configuration files (indicated by a "c" in the second column) are expected to change over time. Unusual modifications should be investigated through the system audit log.
# rpm -Va --noconfig | grep '^..5'
If there is any output from the command for system files or binaries, this is a finding.
V-214799
False
RHEL-07-010020
Verify the cryptographic hash of system files and commands match the vendor values.
Check the cryptographic hash of system files and commands with the following command:
Note: System configuration files (indicated by a "c" in the second column) are expected to change over time. Unusual modifications should be investigated through the system audit log.
# rpm -Va --noconfig | grep '^..5'
If there is any output from the command for system files or binaries, this is a finding.
M
2899