Skip to content

✨ Use rpm database path as evidence instead of files contained in the…#6309

Merged
chris-rock merged 1 commit intomainfrom
czunker/rpm_evidence
Dec 16, 2025
Merged

✨ Use rpm database path as evidence instead of files contained in the…#6309
chris-rock merged 1 commit intomainfrom
czunker/rpm_evidence

Conversation

@czunker
Copy link
Copy Markdown
Contributor

@czunker czunker commented Dec 16, 2025

… rpm

This alignes the rpm packages with dpkg and Windows: #5399

#5770

@czunker
✨ Use rpm database path as evidence instead of files contained in the…
f14c7e4 
… rpm

This alignes the rpm packages with dpkg and Windows:
#5399

#5770
Signed-off-by: Christian Zunker <christian@mondoo.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Dec 16, 2025
edited
Loading

Test Results

4 684 tests  ±0   4 680 ✅ ±0   2m 24s ⏱️ +4s
  415 suites ±0       4 💤 ±0 
   31 files   ±0       0 ❌ ±0 

Results for commit f14c7e4. ± Comparison against base commit 4a5a0aa.

♻️ This comment has been updated with latest results.

@czunker czunker marked this pull request as ready for review December 16, 2025 08:55
@czunker
Copy link
Copy Markdown
Contributor Author

czunker commented Dec 16, 2025

This is the new output:

cnspec run container image registry.access.redhat.com/ubi9/ubi:9.5-1730489303 -c "packages{ name files }"
→ no Mondoo configuration file provided, using defaults
packages.list: [
  0: {
    name: "redhat-release"
    files: [
      0: pkgFileInfo path="/var/lib/rpm/rpmdb.sqlite"
    ]
  }
  1: {
    name: "gpg-pubkey"
    files: [
      0: pkgFileInfo path="/var/lib/rpm/rpmdb.sqlite"
    ]
  }
  2: {
    name: "gpg-pubkey"
    files: [
      0: pkgFileInfo path="/var/lib/rpm/rpmdb.sqlite"
    ]
  }
...

The old output:

cnspec run container image registry.access.redhat.com/ubi9/ubi:9.5-1730489303 -c "packages{ name files }"
→ no Mondoo configuration file provided, using defaults
packages.list: [
  0: {
    name: "redhat-release"
    files: [
      0: pkgFileInfo path="/etc/dnf/protected.d/redhat-release.conf"
      1: pkgFileInfo path="/etc/issue"
      2: pkgFileInfo path="/etc/issue.d"
      3: pkgFileInfo path="/etc/issue.net"
      4: pkgFileInfo path="/etc/os-release"
      5: pkgFileInfo path="/etc/pki/product-default"
      6: pkgFileInfo path="/etc/pki/product-default/479.pem"
      7: pkgFileInfo path="/etc/pki/rpm-gpg"
      8: pkgFileInfo path="/etc/pki/rpm-gpg/ISV-Container-signing-key"
      9: pkgFileInfo path="/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"
      10: pkgFileInfo path="/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
      11: pkgFileInfo path="/etc/pki/swid/CA/redhat.com"
      12: pkgFileInfo path="/etc/pki/swid/CA/redhat.com/redhatcodesignca.cert"
      13: pkgFileInfo path="/etc/redhat-release"
      14: pkgFileInfo path="/etc/swid/swidtags.d"
      15: pkgFileInfo path="/etc/swid/swidtags.d/redhat.com"
      16: pkgFileInfo path="/etc/system-release"
      17: pkgFileInfo path="/etc/system-release-cpe"
      18: pkgFileInfo path="/etc/yum.repos.d"
      19: pkgFileInfo path="/usr/lib/os-release"
      20: pkgFileInfo path="/usr/lib/rpm/macros.d/macros.dist"
      21: pkgFileInfo path="/usr/lib/swidtag/redhat.com"
      22: pkgFileInfo path="/usr/lib/swidtag/redhat.com/com.redhat.RHEL-9-x86_64.swidtag"
      23: pkgFileInfo path="/usr/lib/swidtag/redhat.com/com.redhat.RHEL-9.5-x86_64.swidtag"
      24: pkgFileInfo path="/usr/lib/sysctl.d/50-redhat.conf"
      25: pkgFileInfo path="/usr/lib/systemd/system-preset/85-display-manager.preset"
      26: pkgFileInfo path="/usr/lib/systemd/system-preset/90-default.preset"
      27: pkgFileInfo path="/usr/lib/systemd/system-preset/99-default-disable.preset"
      28: pkgFileInfo path="/usr/lib/systemd/user-preset/90-default-user.preset"
      29: pkgFileInfo path="/usr/lib/systemd/user-preset/99-default-disable.preset"
      30: pkgFileInfo path="/usr/share/doc/redhat-release/GPL"
      31: pkgFileInfo path="/usr/share/doc/redhat-release/GPL-source-offer"
    ]
  }
  1: {
    name: "gpg-pubkey"
    files: []
  }
  2: {
    name: "gpg-pubkey"
    files: []
  }
  3: {
    name: "libgcc"
    files: [
      0: pkgFileInfo path="/lib64/libgcc_s-11-20240719.so.1"
      1: pkgFileInfo path="/lib64/libgcc_s.so.1"
      2: pkgFileInfo path="/usr/lib/.build-id"
      3: pkgFileInfo path="/usr/lib/.build-id/2f"
      4: pkgFileInfo path="/usr/lib/.build-id/2f/aebc52689c2e49d42186149324b15e9212e59d"
      5: pkgFileInfo path="/usr/share/licenses/libgcc"
      6: pkgFileInfo path="/usr/share/licenses/libgcc/COPYING"
      7: pkgFileInfo path="/usr/share/licenses/libgcc/COPYING.LIB"
      8: pkgFileInfo path="/usr/share/licenses/libgcc/COPYING.RUNTIME"
      9: pkgFileInfo path="/usr/share/licenses/libgcc/COPYING3"
      10: pkgFileInfo path="/usr/share/licenses/libgcc/COPYING3.LIB"
    ]
  }

@chris-rock chris-rock merged commit a3f61e3 into main Dec 16, 2025
27 of 28 checks passed
@chris-rock chris-rock deleted the czunker/rpm_evidence branch December 16, 2025 14:20
@github-actions github-actions bot locked and limited conversation to collaborators Dec 16, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@chris-rock chris-rock chris-rock approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@czunker @chris-rock