{"description": "The RPM package management system includes the ability\nto verify the integrity of installed packages by comparing the\ninstalled files with information about the files taken from the\npackage metadata stored in the RPM database. Although an attacker\ncould corrupt the RPM database (analogous to attacking the AIDE\ndatabase as described above), this check can still reveal\nmodification of important files. To list which files on the system differ from what is expected by the RPM database:\n<pre>$ rpm -qVa</pre>\nSee the man page for <tt>rpm</tt> to see a complete explanation of each column.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["rpm_verify_crypto_policies", "rpm_verify_hashes", "rpm_verify_ownership", "rpm_verify_permissions"], "platform": "not bootc", "platforms": ["not bootc"], "inherited_platforms": [], "cpe_platform_names": ["not_bootc"], "title": "Verify Integrity with RPM", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/group.yml"}