STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

V-269292

CAT II (Medium)

AlmaLinux OS 9 must be configured so that the cryptographic hashes of system files match vendor values.

Rule ID

SV-269292r1050174_rule

STIG

Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

Version

V1R6

CCIs

CCI-000366

Discussion

The hashes of important files like system executables should match the information given by the RPM database. Executables with erroneous hashes could be a sign of nefarious activity on the system.

Check Content

The following command will list which files on the system have file hashes different from what is expected by the RPM database:

 $ rpm -Va --noconfig | awk '$1 ~ /..5/ && $2 != "c"' 

If there is an output, this is a finding.

Fix Text

Given the output from the check command, identify the package that provides the output and reinstall it.

The following trimmed example output shows a package that has failed verification, been identified, reinstalled, and then passed re-verification:

$ rpm -Va --noconfig | awk '$1 ~ /..5/ && $2 != "c"' 

S.5....T.    /usr/bin/tar

$ dnf whatprovides /usr/bin/tar

tar-2:1.34-6.el9_1.x86_64 : GNU file archiving program

$ dnf reinstall tar

$ rpm -Va --noconfig | awk '$1 ~ /..5/ && $2 != "c"' 

[no output]