[SOLVED] Bash if then else to check if an rpm is installed not working

JockVSJock · 01-14-2016, 02:32 PM

So I'm trying to write a hardening script in Bash. A part of it will check if rpm gpg pubkeys are installed.

I'm not sure how to setup the rpm as a variable, if it is installed then to output it to the then statement, and this is what I'm getting when I run it.

Code:

./rpm_test.sh 
Confirm GPG Keys are installed./rpm_test.sh: line 6: [:  rpm -qa gpg-pubkey 2>&1 > /dev/null : 
syntax error in expression (error token is "gpg-pubkey 2>&1 > /dev/null ")

Code:

printf "Confirm GPG Keys are installed" 

if $[ rpm -qa gpg-pubkey 2>&1 > /dev/null ]; then 
 printf "GPG Keys are installed" 
 else "GPG Keys need to be installed" 
fi

Habitual · 01-14-2016, 02:34 PM

Code:

if [ rpm -qa gpg-pubkey 2>&1 > /dev/null ]; then

perhaps.

John VV · 01-14-2016, 04:56 PM

if you installed rpm's on rhel using yum
then the hash was checked

and yum will NAG!!!! you to install the keys if you did not

berndbausch · 01-14-2016, 05:14 PM

Quote:

Originally Posted by Habitual

Code:

if [ rpm -qa gpg-pubkey 2>&1 > /dev/null ]; then

perhaps.

Remove the square brackets and you should be fine.

Explanation: whatever comes between the if and the semicolon is executed and evaluated. A value of 0 is interpreted as TRUE and the then branch will be entered.

JockVSJock · 01-14-2016, 05:15 PM

Quote:

Originally Posted by John VV

if you installed rpm's on rhel using yum
then the hash was checked

and yum will NAG!!!! you to install the keys if you did not

Let's say in this case its all RPM, and yum is not an option.

JockVSJock · 01-15-2016, 01:38 PM

Quote:

Originally Posted by berndbausch

Remove the square brackets and you should be fine.

Explanation: whatever comes between the if and the semicolon is executed and evaluated. A value of 0 is interpreted as TRUE and the then branch will be entered.

Yes, you are right.

Code:

printf "Confirm if GPG Keys are installed... \n" 
  
if rpm -q gpg-pubkey 2>&1 > /dev/null ; then 
 printf "GPG Keys rpms are installed \n" 
else "GPG Keys need to be installed \n" 
fi

That code works, however some of the other examples that I've seen online refers to bash [[ conditional construct and using $<( command goes here )>

https://digitalvectorz.wordpress.com...ator-expected/

Example

Code:

if [[ rpm -q gpg-pubkey 2>&1 > /dev/null ]]; then 
 printf "GPG Keys rpm are installed \n" 
 else "GPG Keys need to be installed \n"
fi

It blows up with the following:

Code:

./rpm_test2.sh 
Confirm if GPG Keys are installed...
./rpm_test2.sh:  line 6:  conditional binary operator expected 
./rpm_test2.sh:  line 6:  syntax error `-q'
./rpm_test2.sh:  line 6:  `if [[ rpm -q gpg-pubkey 2>&1 > /dev/null ]]; then'

...so let me ask this...how do I set the rpm query output to appear in the then statement? I've added a variable...however I don't know...

Code:

printf "Confirm if GPG Keys are installed... \n" 
  
rpm_version=$

if rpm -q gpg-pubkey 2>&1 > /dev/null ; then 
 printf "GPG Keys rpms are installed $rpm_version \n" 
else "GPG Keys need to be installed" 
fi

Code:

./rpm_test.sh 
Confirm if GPG Keys are installed...
GPG Keys rpm are installed $

If I run this from the CLI

Code:

rpm -q gpg-pubkey 
gpg-pubkey-fd431d51-4ae0493b 
gpg-pubkey-2fa658e0-45700c69

Habitual · 01-15-2016, 02:14 PM

Code:

if rpm -qa | grep -q gpg-pubkey; then 
echo Installed; 
else 
echo Not Installed
fi

JockVSJock · 01-15-2016, 02:31 PM

Quote:

Originally Posted by Habitual

Code:

if rpm -qa | grep -q gpg-pubkey; then 
echo Installed; 
else 
echo Not Installed
fi

That's a simple way of doing it so that it works.

However if I have to output details into a report for, say a manager or auditor.

So I'm still having issues with the variable.

Habitual · 01-15-2016, 03:13 PM

Code:

PACKAGE=gpg-pubkey
if rpm -qa | grep -q $PACKAGE; then  echo "$PACKAGE is installed"; else  echo "$PACKAGE needs to be installed"; fi