pakiti-client - Man Page

report the list of installed packages to a collecting server

Synopsis

pakiti-client [Options]

Description

pakiti-client finds the list of installed packages (i.e. rpm -qa on an RPM-based system) and formats it in a report that it sends (using a POST request) to a collecting server (see the --url option) and/or writes to a file (see the --output option).

In addition to the list of installed packages, the report also contains information about the submitting machine:

If a certificate (see the --encrypt option) is given then the report will be S/MIME encrypted before transmission. For reference, the exact command used to encrypt the report is:

  $ openssl smime -encrypt -binary -aes-256-cbc -outform DER

The recommended way to use this program is daily via cron, for instance with (using bash):

  # echo "MAILTO=somebody@some.where" > /etc/cron.d/pakiti-client
  # echo "$((RANDOM % 60)) $((RANDOM % 24)) * * * nobody pakiti-client \
    --config /etc/pakiti-client.cfg" >> /etc/cron.d/pakiti-client

Options

--config,  --conf PATH

use this configuration file before processing the command line parameters

--curl PATH

set the path of the curl command to use

--debug,  -d

enable debug mode

--dpkg-query PATH

set the path of the dpkg-query command to use

--encrypt PATH|STRING

use this certificate to encrypt the report; the value can either be the path of the file containing the certificate or the certificate itself as multi-line ASCII armored contents

--expect STRING

set the response string to expect from the server in case of success (default: OK)

--help,  -h,  -?

show some help

--host STRING

set the host name to use in the report

--hostname PATH

set the path of the hostname command to use

--input,  -i PATH

do not prepare a new report but, instead, read the report from the given file

--lsb_release PATH

set the path of the lsb_release command to use

--manual,  -m

show this manual

--mode STRING

the mode that determines how the report should be processed by the server. The following modes are supported: 'store-only', 'report-only', 'store-and-report'.

--no-protocol-version

do not include the protocol version in the message sent to the server.

--openssl PATH

set the path of the openssl command to use

--output,  -o PATH

write the prepared report to the given file

--pkg PATH

set the path of the pkg command to use

--rndsleep,  -r NUMBER

sleep for a random amount of seconds, up to the given number (useful when pakiti-client is invoked by cron)

--rpm PATH

set the path of the rpm command to use

--site NAME

set the site name to use in the report

--tag STRING

set the tag used by the collecting server to group reports

--uname PATH

set the path of the uname command to use

--url URL

send the prepared report to the collecting server at the given URL

--wget PATH

set the path of the wget command to use

Configuration File

pakiti-client can read its options from a configuration file (see the --config option).

The file can contain empty lines, comments (lines starting with #) or option settings either on one line or using the “heredoc” syntax. For instance:

  #
  # this is my pakiti-client configuration
  #
  url = http://some.where.org:8080/some/path
  encrypt = <<EOT
  -----BEGIN CERTIFICATE-----
  VR0gBF0wWzBZBgorBgEEAWAKBAsBMEswSQYIKwYBBQUHAgEWPWh0dHA6Ly9jYWZp
  U2VydmljZXMsQ049U22ydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1jZXJuLERD
  ...
  CREUmgapD+aWdxEfeb6qA0OqAFCeHYOWMeeqqtMUE1JPGPoWNkyzqaObr05jm0zd
  YwYIKwYBBQUHMAKGV2h0dHA6Ly6jYWZpbGVzLmNlcm4uY2gvY2FmaWxlcy9jZXJ=
  -----END CERTIFICATE-----
  EOT

The options specified on the command line have precedence over the ones found in the configuration file.

Report Format

The generated report is made of a header (containing information about the submitting machine) and a body (containing the list of installed packages).

The report is in text format and is made of lines, all ending with the newline character (0x0A). The report contains in order:

A separator line only contains the hash character (0x23), followed by the newline character (just like any other line).

A header line contains the header name (such as host), a colon character (0x3A), a space character (0x20) and the header value. See the “Description” section for the list of all possible header names.

A package line contains the package name, a tab character (0x09), the package full version, another tab and the package architecture. For rpm based systems, the full version is in fact EPOCH:VERSION:RELEASE.

Author

Lionel Cons <http://cern.ch/lionel.cons>

Info

2021-01-26 pakiti v3 System Manager's Manual