Article Title: Verify the software package validity before installing software on Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
In the past, I used to say "small is beautiful" to Linux experts ". This statement tells us the design features of the Linux operating system. Different from Microsoft, a Linux operating system is an operating system composed of relatively independent software. A software package provides a separate function. For this reason, most Linux system administrators usually deal with Linux system software packages. The system administrator should select and install appropriate software packages based on the needs of employees. Therefore, the software package is directly related to the security and performance of the Linux system. To create a stable and secure Linux operating system environment, it is recommended that the system administrator verify the validity of the software package before installing the software package. I will introduce several common verification methods below to help you identify the legitimacy of Linux software packages.
1. Check whether the software package has been tampered.
After a system engineer downloads a software package from the network, the most important thing is whether the software package has been tampered. For example, will some illegal attackers bind some illegal software in some famous software packages. For this reason, the system engineer hopes to have tools to help him verify whether the software package has been handled. For this purpose, the system engineer can use the rpm? K Command to verify. Verification result. For the sake of security, I have hidden the host name and account of the Linux server.
If the JDK package has not been modified or damaged, the result is shown in. Shal md5 OK, a brief message, tells the system engineer that the software package has not been tampered with and can be safely used. However, this command has a defect, that is, it only applies to rpm software packages. If the software package downloaded by the system engineer is not in RPM format, the following error message is displayed.
However, I also recommend that you use RPM to manage the software as the Linux system administrator. RPM software package is a developed software package management system, which simplifies the maintenance of the system. It only requires a few instructions to complete the functions of installing software packages, deleting software packages, and system verification. The RPM package has many features. If RPM is used, the system administrator can upgrade individual components in the system without re-installing the entire operating system. The RPM Software Package uses an intelligent and fully automated way to upgrade components, and the configuration file of the software package will be retained during the upgrade process. That is, after the email client is upgraded, the original account and other settings will be retained. If the office software is upgraded, the original toolbar and other user preference settings will also be retained, you do not need to reset the configuration after the upgrade. These measures can be easily maintained by administrators. For example, RPM can verify the software package. If the system administrator is worried about accidentally deleting important files in a software package while maintaining the operating system, the software package can be verified. If the software package has been installed, any changes to the related files will be queried. Therefore, the system administrator can choose whether to reinstall the software package as needed. It can be seen that many features of the RPM package can simplify the work of Linux System Engineers. For this reason, I strongly recommend that you manage software packages through RPM. It is also a unique feature of RPM to verify whether the software package has been tampered with or damaged.
[1] [2] Next page