pakiti-client - Man Page
report the list of installed packages to a collecting server
Synopsis
pakiti-client [Options]
Description
pakiti-client finds the list of installed packages (i.e. rpm -qa
on an RPM-based system) and formats it in a report that it sends (using a POST request) to a collecting server (see the --url option) and/or writes to a file (see the --output option).
In addition to the list of installed packages, the report also contains information about the submitting machine:
arch
: the current architecturehost
: the host name (see the --host option)kernel
: the current kernelpackager
: the packager (rpm
ordpkg
)site
: the site name (see the --site option)system
: the operating system full nametag
: a tag used by the collecting server (see the --tag option)version
: the report format version (1
)
If a certificate (see the --encrypt option) is given then the report will be S/MIME encrypted before transmission. For reference, the exact command used to encrypt the report is:
$ openssl smime -encrypt -binary -aes-256-cbc -outform DER
The recommended way to use this program is daily via cron
, for instance with (using bash):
# echo "MAILTO=somebody@some.where" > /etc/cron.d/pakiti-client # echo "$((RANDOM % 60)) $((RANDOM % 24)) * * * nobody pakiti-client \ --config /etc/pakiti-client.cfg" >> /etc/cron.d/pakiti-client
Options
- --config, --conf PATH
use this configuration file before processing the command line parameters
- --curl PATH
set the path of the
curl
command to use- --debug, -d
enable debug mode
- --dpkg-query PATH
set the path of the
dpkg-query
command to use- --encrypt PATH|STRING
use this certificate to encrypt the report; the value can either be the path of the file containing the certificate or the certificate itself as multi-line ASCII armored contents
- --expect STRING
set the response string to expect from the server in case of success (default:
OK
)- --help, -h, -?
show some help
- --host STRING
set the host name to use in the report
- --hostname PATH
set the path of the
hostname
command to use- --input, -i PATH
do not prepare a new report but, instead, read the report from the given file
- --lsb_release PATH
set the path of the
lsb_release
command to use- --manual, -m
show this manual
- --mode STRING
the mode that determines how the report should be processed by the server. The following modes are supported: 'store-only', 'report-only', 'store-and-report'.
- --no-protocol-version
do not include the protocol version in the message sent to the server.
- --openssl PATH
set the path of the
openssl
command to use- --output, -o PATH
write the prepared report to the given file
- --pkg PATH
set the path of the
pkg
command to use- --rndsleep, -r NUMBER
sleep for a random amount of seconds, up to the given number (useful when pakiti-client is invoked by
cron
)- --rpm PATH
set the path of the
rpm
command to use- --site NAME
set the site name to use in the report
- --tag STRING
set the tag used by the collecting server to group reports
- --uname PATH
set the path of the
uname
command to use- --url URL
send the prepared report to the collecting server at the given URL
- --wget PATH
set the path of the
wget
command to use
Configuration File
pakiti-client can read its options from a configuration file (see the --config option).
The file can contain empty lines, comments (lines starting with #
) or option settings either on one line or using the “heredoc” syntax. For instance:
# # this is my pakiti-client configuration # url = http://some.where.org:8080/some/path encrypt = <<EOT -----BEGIN CERTIFICATE----- VR0gBF0wWzBZBgorBgEEAWAKBAsBMEswSQYIKwYBBQUHAgEWPWh0dHA6Ly9jYWZp U2VydmljZXMsQ049U22ydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jZXJuLERD ... CREUmgapD+aWdxEfeb6qA0OqAFCeHYOWMeeqqtMUE1JPGPoWNkyzqaObr05jm0zd YwYIKwYBBQUHMAKGV2h0dHA6Ly6jYWZpbGVzLmNlcm4uY2gvY2FmaWxlcy9jZXJ= -----END CERTIFICATE----- EOT
The options specified on the command line have precedence over the ones found in the configuration file.
Report Format
The generated report is made of a header (containing information about the submitting machine) and a body (containing the list of installed packages).
The report is in text format and is made of lines, all ending with the newline character (0x0A). The report contains in order:
- a first separator line indicating the beginning of the header
- one or more header lines
- a second separator line indicating the end of the header
- one or more package lines
- a third separator line indicating the end of the report
A separator line only contains the hash character (0x23), followed by the newline character (just like any other line).
A header line contains the header name (such as host
), a colon character (0x3A), a space character (0x20) and the header value. See the “Description” section for the list of all possible header names.
A package line contains the package name, a tab character (0x09), the package full version, another tab and the package architecture. For rpm
based systems, the full version is in fact EPOCH:VERSION:RELEASE.
Author
Lionel Cons <http://cern.ch/lionel.cons>
Copyright
Copyright (C) CERN 2014-2016
Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at: <http://www.apache.org/licenses/LICENSE-2.0>.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.