From 064854a725227b1727640539c573faab461dfc31 Mon Sep 17 00:00:00 2001
From: Daniel Nurmi <nurmi@anchore.com>
Date: Thu, 30 Jun 2022 14:07:08 -0700
Subject: [PATCH] fix: add glob to filter list to ensure rpm metadata files are
 matched when var/lib/rpm is a softlinked (#1077)

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>
---
 syft/pkg/relationships_by_file_ownership.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/syft/pkg/relationships_by_file_ownership.go b/syft/pkg/relationships_by_file_ownership.go
index 691dbbacb2b..20079a893b6 100644
--- a/syft/pkg/relationships_by_file_ownership.go
+++ b/syft/pkg/relationships_by_file_ownership.go
@@ -13,6 +13,7 @@ var globsForbiddenFromBeingOwned = []string{
 	ApkDBGlob,
 	DpkgDBGlob,
 	RpmDBGlob,
+	"**/rpm/{Packages,Packages.db,rpmdb.sqlite}",
 	// DEB packages share common copyright info between, this does not mean that sharing these paths implies ownership.
 	"/usr/share/doc/**/copyright",
 }