centos7:1:2:3

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
centos7:1:2:3 [2017/05/05 22:45] – created Piotr Kłoczewskicentos7:1:2:3 [2017/05/05 22:47] (current) – external edit 127.0.0.1
Line 10: Line 10:
 It is important to ensure that an RPM's package signature is always checked prior to installation to ensure that the software is obtained from a trusted source. It is important to ensure that an RPM's package signature is always checked prior to installation to ensure that the software is obtained from a trusted source.
 =====Audit=====  =====Audit===== 
-Run the following command and verify ''gpgcheck'' is set to '''1''':+Run the following command and verify ''gpgcheck'' is set to ''"1"'':
 <Code:bash> <Code:bash>
 # grep ^gpgcheck /etc/yum.conf  # grep ^gpgcheck /etc/yum.conf 
 gpgcheck=1 gpgcheck=1
 </Code> </Code>
-Run the following command and verify that all instances of ''gpgcheck'' returned are set to '''1''':+Run the following command and verify that all instances of ''gpgcheck'' returned are set to ''"1"'':
 <Code:bash> <Code:bash>
 # grep ^gpgcheck /etc/yum.repos.d/* # grep ^gpgcheck /etc/yum.repos.d/*
 </Code> </Code>
 =====Remediation=====  =====Remediation===== 
-Edit ''/etc/yum.conf'' and set '''gpgcheck=1''' in the ''[main]'' section. +Edit ''/etc/yum.conf'' and set ''gpgcheck=1'' in the ''[main]'' section. \\  
-Edit any failing files in ''/etc/yum.repos.d/*'' and set all instances of gpgcheck to '''1'''.+Edit any failing files in ''/etc/yum.repos.d/*'' and set all instances of gpgcheck to ''"1"''.
  • centos7/1/2/3.1494017103.txt.gz
  • Last modified: 2017/05/05 22:45
  • (external edit)