From 5e84c4a947b4f7e5e8649a2f4a7c370340487ab6 Mon Sep 17 00:00:00 2001
From: Mixer9 <35545791+Mixer9@users.noreply.github.com>
Date: Tue, 18 Sep 2018 14:54:31 -0500
Subject: [PATCH] update shared.sh

Removed cut function and returned the last field with awk, this provides better listing since not all values returned will have the same fields. It also removes whitespace at the beginning of the values returned. see comparison below:

<code>
[root@soctxadm01:~]# rpm -Va --nofiledigest | grep '^.M' | cut -d ' ' -f4-
/etc/selinux/targeted/active/seusers
 /etc/selinux/targeted/active/users_extra
/var/lib/rpm/__db.001
/var/lib/rpm/__db.002
/var/lib/rpm/__db.003
 /opt/splunkforwarder/etc/auth
/var/lib/systemd/random-seed
 /etc/insights-client/.exp.sed
 /etc/insights-client/.fallback.json
 /etc/insights-client/.fallback.json.asc
 /etc/insights-client/cert-api.access.redhat.com.pem
/etc/insights-client/insights-client.conf
 /etc/insights-client/redhattools.pub.gpg
 /etc/insights-client/rpm.egg
 /etc/insights-client/rpm.egg.asc
/var/lock/iscsi
/var/lock/iscsi/lock
/run/lsm
/run/lsm/ipc
/var/log/dmesg
[root@soctxadm01:~]# rpm -Va --nofiledigest | grep '^.M' | awk '{print $NF}'
/etc/selinux/targeted/active/seusers
/etc/selinux/targeted/active/users_extra
/var/lib/rpm/__db.001
/var/lib/rpm/__db.002
/var/lib/rpm/__db.003
/opt/splunkforwarder/etc/auth
/var/lib/systemd/random-seed
/etc/insights-client/.exp.sed
/etc/insights-client/.fallback.json
/etc/insights-client/.fallback.json.asc
/etc/insights-client/cert-api.access.redhat.com.pem
/etc/insights-client/insights-client.conf
/etc/insights-client/redhattools.pub.gpg
/etc/insights-client/rpm.egg
/etc/insights-client/rpm.egg.asc
/var/lock/iscsi
/var/lock/iscsi/lock
/run/lsm
/run/lsm/ipc
/var/log/dmesg
</code>
---
 .../rpm_verification/rpm_verify_permissions/bash/shared.sh      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
index dfb13348d345..17e32976ced4 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
@@ -9,7 +9,7 @@ declare -a SETPERMS_RPM_LIST
 
 # Create a list of files on the system having permissions different from what
 # is expected by the RPM database
-FILES_WITH_INCORRECT_PERMS=($(rpm -Va --nofiledigest | grep '^.M' | cut -d ' ' -f4-))
+FILES_WITH_INCORRECT_PERMS=($(rpm -Va --nofiledigest | grep '^.M' | awk '{print $NF}'))
 
 # For each file path from that list:
 # * Determine the RPM package the file path is shipped by,