rpm-plugin-audit - Man Page

Audit plugin for the RPM Package Manager

Description

The plugin writes basic information about rpm transactions to the audit log - like packages installed or removed. The entries can be viewed with

ausearch -m SOFTWARE_UPDATE

Data fields

The entries in the audit log have the following fields:

Field: Possible values Description
op: install/update/remove package operation
sw: name-version-release.arch of the package
key_enforce: 0/1 are signatures being enforced
gpg_res: 0/1 result of signature check (0 == fail / 1 ==success)
root_dir: Root directory of the operation, normally "/"
sw_type: "rpm" package format

Configuration

There are currently no options for this plugin in particular. See rpm-plugins(8) on how to control plugins in general.

See Also

ausearch(8), rpm-plugins(8)

Referenced By

rpm-plugins(8).

28 Jan 2020