What to do when rpm verification fails
Frank Elsner
Elsner at zrz.TU-Berlin.DE
Fri Jul 7 12:22:41 UTC 2006
On Fri, 7 Jul 2006 14:10:18 +0200 Andras Simon wrote:
> Doing an rpm -Va resulted in a lot of scary messages,
> S.?..... /usr/bin/passwd
> being one of the most chilling. (And I thought I was very strictly
> firewalled, with no unnecessary services running, except for
> postgresql. Oh well...)
>
> Anyway, at the very least, I'd like to reinstall the offending
> packages. Since there are other packages depending on them, I wonder
> how this can be done without too much hassle. Would
>
> rpm -e --nodeps <package>
> yum install <package>
>
> be safe?
>
> Also, I get a lot of
>
> prelink: /some/file/or/other : at least one of file's dependencies has
> changed since prelinking
>
> warnings during rpm -Va. Is this something to be worried about?
Oh YES.
You'be been hacked. Recheck with "chkrootkit".
Disconnect from net and re-install.
--Frank Elsner
More information about the users
mailing list