4 answers
- 10-1
Hi, are there any update?
Add your comment... - 10-1
I don't immediately see a way to resolve this. On rpm based systems, we use rpm to query the packages installed. On Centos6 (example) I can see we have zlib installed for both i686 and x86_64, exactly as you describe. Unfortunately, rpm doesn't give us the architecture. Same below (and further below for Ubuntu/Debian).
If anyone can suggest something, I'm all ears.
[user@centos6 ~]$ rpm -q zlib zlib-1.2.3-29.el6.x86_64 zlib-1.2.3-29.el6.i686 [user@centos6 ~]$
[user@centos6 ~]$ rpm -qi zlib Name : zlib Relocations: (not relocatable) Version : 1.2.3 Vendor: CentOS Release : 29.el6 Build Date: Fri 22 Feb 2013 09:02:17 AEST Install Date: Wed 13 Nov 2013 11:11:08 AEST Build Host: c6b9.bsys.dev.centos.org Group : System Environment/Libraries Source RPM: zlib-1.2.3-29.el6.src.rpm Size : 152305 License: zlib and Boost Signature : RSA/SHA1, Sun 24 Feb 2013 03:41:52 AEST, Key ID 0946fca2c105b9de Packager : CentOS BuildSystem <http://bugs.centos.org> URL : http://www.gzip.org/zlib/ Summary : The zlib compression and decompression library Description : Zlib is a general-purpose, patent-free, lossless data compression library which is used by many different programs. Name : zlib Relocations: (not relocatable) Version : 1.2.3 Vendor: CentOS Release : 29.el6 Build Date: Fri 22 Feb 2013 09:01:21 AEST Install Date: Fri 14 Feb 2014 11:07:58 AEST Build Host: c6b9.bsys.dev.centos.org Group : System Environment/Libraries Source RPM: zlib-1.2.3-29.el6.src.rpm Size : 139089 License: zlib and Boost Signature : RSA/SHA1, Sun 24 Feb 2013 03:50:39 AEST, Key ID 0946fca2c105b9de Packager : CentOS BuildSystem <http://bugs.centos.org> URL : http://www.gzip.org/zlib/ Summary : The zlib compression and decompression library Description : Zlib is a general-purpose, patent-free, lossless data compression library which is used by many different programs. [user@centos6 ~]$
Ubuntu (hence Debian) seem much the same.
mark@desktop:~$ dpkg-query -W gcc-5-base gcc-5-base:amd64 5.4.0-6ubuntu1~16.04.5 gcc-5-base:i386 5.4.0-6ubuntu1~16.04.5
mark@desktop:~$ dpkg-query -s gcc-5-base Package: gcc-5-base Status: install ok installed Priority: required Section: libs Installed-Size: 65 Maintainer: Ubuntu Core developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Multi-Arch: same Source: gcc-5 Version: 5.4.0-6ubuntu1~16.04.5 Breaks: gcc-4.4-base (<< 4.4.7), gcc-4.7-base (<< 4.7.3), gcj-4.4-base (<< 4.4.6-9~), gcj-4.6-base (<< 4.6.1-4~), gnat-4.4-base (<< 4.4.6-3~), gnat-4.6 (<< 4.6.1-5~) Description: GCC, the GNU Compiler Collection (base package) This package contains files common to all languages and libraries contained in the GNU Compiler Collection (GCC). Homepage: http://gcc.gnu.org/ Original-Maintainer: Debian GCC Maintainers <debian-gcc@lists.debian.org>
- Satoru Funai
Can you add "ARCH" column on audit.software table and also add matching condition name+version+ARCH for inserting new records? Satoru
- Mark Unwin
We can add arch, yes, easy. We cannot populate it as far as I can see. We use the below command (excluding zlib). Adding another loop over package name would increase the script time exponentially and still be very brittle in terms of extracting the correct arch. If dpkg or rpm provided the arch, could add it easily. rpm -qa zlib --queryformat="Name:%{NAME}\nVersion: %{VERSION}-%{RELEASE}\n\n" | sed -e 's/\&.*]]/]]/' Name:zlib Version: 1.2.3-29.el6 Name:zlib Version: 1.2.3-29.el6
- Satoru Funai
How about this for RHEL/CentOS? # rpm -q glibc --queryformat="\t\t<item>\n\t\t\t<name><\!\[CDATA\[%{NAME}\]\]></name>\n\t\t\t<arch><\!\[CDATA\[%{ARCH}\]\]></arch>\n\t\t\t<version><\!\[CDATA\[%{VERSION}-%{RELEASE}\]\]></version>\n\t\t\t<install_date><\!\[CDATA\[%{INSTALLTIME:date}\]\]></install_date>\n\t\t\t<url><\!\[CDATA\[%{URL}\]\]></url>\n\t\t</item>\n" <item> <name><![CDATA[glibc]]></name> <arch><![CDATA[x86_64]]></arch> <version><![CDATA[2.17-106.el7_2.8]]></version> <install_date><![CDATA[2016?08?05? 14?43?59?]]></install_date> <url><![CDATA[http://www.gnu.org/software/glibc/]]></url> </item> <item> <name><![CDATA[glibc]]></name> <arch><![CDATA[i686]]></arch> <version><![CDATA[2.17-106.el7_2.8]]></version> <install_date><![CDATA[2016?08?05? 14?44?16?]]></install_date> <url><![CDATA[http://www.gnu.org/software/glibc/]]></url> </item>
- Mark Unwin
Thanks for persisting with me. RPM and DPKG-QUERY do indeed support arch (or architecture for dpkg). Consider this added. I'll get it in ASAP.
Add your comment... - 10-1
I'm not why, but some application require i686 package on x86_64 system for installation dependency.
It have to be installed and should be collected to Open-Audit.
Any suggestions or ideas would be appreciated.
Regards,
Satoru Funai
Add your comment... - 10-1
Not sure why they would have multiple architectures installed, probably only need the x86_64 or the i686 but not both
Add your comment...
Our customer found that Open-Audit does not collect software under the conditions below;
eg.
glibc-2.17-157.el7.x86_64
glibc-2.17-157.el7.i686
Open-audit does not have architecture attribute on software table.
Therefore example like as above is recognized as same package then it is not showed on the software list.
Are there any work around?
Regards,
Satoru Funai