[Rkhunter-users] rpm queryformat change

Kevin Fenzi Sun, 26 Nov 2017 11:47:42 -0800

Greetings. 

as noted in downstream Fedora bug ( 
https://bugzilla.redhat.com/show_bug.cgi?id=1517387 ) there's been a change in 
rpm's handling of queryformat with %{ARCH} in it with the rpm shipped in Fedora 
27.


This results in: 

 /bin/rpm -qf --queryformat 
'[%{FILEMODES:octal}:%{FILEUSERNAME}:%{FILEGROUPNAME}:%{FILESIZES}:%{FILEMTIMES}:%{FILEMD5S}:%{ARCH}:%{FILELINKTOS}:%{FILENAMES}]\n'
 /usr/bin/rpm 
error: incorrect format: array iterator used with different sized arrays

ARCH is now just one value for the entire package instead of a value for every 
file in that package. 

However, it's easy to get the old behavior by adding a = to the front of the 
format with different array size. ie, %{=ARCH}. This also works on f25, f26, 
el6 and el7 rpm. 

So, I think the fix is simple. 

Thoughts?

kevin
--

--- rkhunter-1.4.4/files/rkhunter       2017-06-29 00:51:57.000000000 -0700
+++ /usr/bin/rkhunter   2017-11-26 11:11:51.878660132 -0800
@@ -6437,7 +6437,7 @@
                                        FILE_IS_PKGD=1
                                        PKGNAME=`echo "${RKHTMPVAR}" | tail 
${TAIL_OPT}1`
 
-                                       RPM_QUERY_RESULT_ARCH=`${RPM_CMD} -qf 
--queryformat 
'[%{FILEMODES:octal}:%{FILEUSERNAME}:%{FILEGROUPNAME}:%{FILESIZES}:%{FILEMTIMES}:%{FILEMD5S}:%{ARCH}:%{FILELINKTOS}:%{FILENAMES}\n]'
 "${FNAME}" 2>/dev/null | grep ":${FNAMEGREP}\$"`
+                                       RPM_QUERY_RESULT_ARCH=`${RPM_CMD} -qf 
--queryformat 
'[%{FILEMODES:octal}:%{FILEUSERNAME}:%{FILEGROUPNAME}:%{FILESIZES}:%{FILEMTIMES}:%{FILEMD5S}:%{=ARCH}:%{FILELINKTOS}:%{FILENAMES}\n]'
 "${FNAME}" 2>/dev/null | grep ":${FNAMEGREP}\$"`
                                        ERRCODE=$?
 
                                        #
@@ -6453,7 +6453,7 @@
                                                        
RKHTMPVAR3="/usr${FNAMEGREP}"
                                                fi
 
-                                               
RPM_QUERY_RESULT_ARCH=`${RPM_CMD} -qf --queryformat 
'[%{FILEMODES:octal}:%{FILEUSERNAME}:%{FILEGROUPNAME}:%{FILESIZES}:%{FILEMTIMES}:%{FILEMD5S}:%{ARCH}:%{FILELINKTOS}:%{FILENAMES}\n]'
 "${FNAME}" 2>/dev/null | grep ":${RKHTMPVAR3}\$"`
+                                               
RPM_QUERY_RESULT_ARCH=`${RPM_CMD} -qf --queryformat 
'[%{FILEMODES:octal}:%{FILEUSERNAME}:%{FILEGROUPNAME}:%{FILESIZES}:%{FILEMTIMES}:%{FILEMD5S}:%{=ARCH}:%{FILELINKTOS}:%{FILENAMES}\n]'
 "${FNAME}" 2>/dev/null | grep ":${RKHTMPVAR3}\$"`
                                                ERRCODE=$?
                                        fi
 
@@ -10561,7 +10561,7 @@
                                #
 
                                if [ $NOVRFYFILE -eq 0 ]; then
-                                       PKGNAME_ARCH=`${RPM_CMD} -qf "${FNAME}" 
--queryformat '%{N}-%{V}-%{R}.%{ARCH}\n' 2>/dev/null`
+                                       PKGNAME_ARCH=`${RPM_CMD} -qf "${FNAME}" 
--queryformat '%{N}-%{V}-%{R}.%{=ARCH}\n' 2>/dev/null`
                                        ERRCODE=$?
 
                                        if [ $ERRCODE -eq 0 ]; then

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users

[Rkhunter-users] rpm queryformat change

Reply via email to