diff --git a/src/OVAL/probes/unix/linux/rpm-helper.c b/src/OVAL/probes/unix/linux/rpm-helper.c
index f7e29cc3d2..e31b2b2e0d 100644
--- a/src/OVAL/probes/unix/linux/rpm-helper.c
+++ b/src/OVAL/probes/unix/linux/rpm-helper.c
@@ -51,3 +51,32 @@ void rpmLibsPreload()
 const char* rcfiles = "";
 rpmReadConfigFiles(rcfiles, NULL);
 }
+
+void set_rpm_db_path()
+{
+ /*
+ * Fedora >=36 changed the default dbpath in librpm from /var/lib/rpm to /usr/lib/sysimage/rpm.
+ * See: https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr
+ *
+ * Therefore, when running openscap on a Fedora >=36 system scanning another systems (such as RHEL, SLES, Fedora<36)
+ * openscap's librpm will try to read the rpm db from /usr/lib/sysimage/rpm which doesn't exist and therefore won't work.
+ * On many systems, /var/lib/rpm is still a symlink to /usr/lib/sysimage/rpm, so using /var/lib/rpm can work there.
+ * However, on some systems, eg. bootc images, /var/lib/rpm isn't a symlink and doesn't contain the RPM database.
+ *
+ * We will first try if the "new" location /usr/lib/sysimage/rpm exists, and use it only if it exists.
+ * If it doesn't exist, we will fall back to the "old" location /var/lib/rpm.
+ */
+
+ struct stat sb;
+ const char *dbpath;
+ const char *prefix = getenv("OSCAP_PROBE_ROOT");
+ char *path_with_prefix = oscap_path_join(prefix, "/usr/lib/sysimage/rpm");
+ if (stat(path_with_prefix, &sb) == 0) {
+ dbpath = "/usr/lib/sysimage/rpm";
+ } else {
+ dbpath = "/var/lib/rpm";
+ }
+ free(path_with_prefix);
+ dI("Using %s as rpm database.", dbpath);
+ rpmPushMacro(NULL, "_dbpath", NULL, dbpath, RMIL_CMDLINE);
+}
diff --git a/src/OVAL/probes/unix/linux/rpm-helper.h b/src/OVAL/probes/unix/linux/rpm-helper.h
index de7b5fe351..d58f6ccaf5 100644
--- a/src/OVAL/probes/unix/linux/rpm-helper.h
+++ b/src/OVAL/probes/unix/linux/rpm-helper.h
@@ -99,4 +99,7 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi,
 */
 void rpmLibsPreload(void);
 
+void set_rpm_db_path(void);
+
+
 #endif
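Review bot: The stat() check in set_rpm_db_path() accepts any object at the candidate path, not only a directory, so a stray file there selects /usr/lib/sysimage/rpm; and because stat() follows symlinks, a link inside an OSCAP_PROBE_ROOT tree with an absolute target resolves against the host filesystem rather than the scanned tree, so the test can report a directory the target does not actually contain. Tightening it to `if (stat(path_with_prefix, &sb) == 0 && S_ISDIR(sb.st_mode)) {` covers the first case; lstat() would avoid the second but would then reject a legitimate in-tree symlink, so whichever is chosen deserves a comment. The fallback is silent; logging the failure reason at debug level, e.g. `dI("stat(%s) failed: %s", path_with_prefix, strerror(errno));` in the else branch (with the matching includes), keeps a permissions problem distinguishable from a missing directory when a scan later cannot open the database. Whether oscap_path_join() accepts a NULL first argument when OSCAP_PROBE_ROOT is unset is not visible here; if it does not, `prefix` needs a guard before the join. The definition `void set_rpm_db_path()` should be written `void set_rpm_db_path(void)` to match the prototype added in rpm-helper.h.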
diff --git a/src/OVAL/probes/unix/linux/rpminfo_probe.c b/src/OVAL/probes/unix/linux/rpminfo_probe.c
index 46ad1d9719..53f97bd4b4 100644
--- a/src/OVAL/probes/unix/linux/rpminfo_probe.c
+++ b/src/OVAL/probes/unix/linux/rpminfo_probe.c
@@ -294,17 +294,7 @@ void *rpminfo_probe_init(void)
 return ((void *)g_rpm);
 }
 
- /*
- * Fedora >=36 changed the default dbpath in librpm from /var/lib/rpm to /usr/lib/sysimage/rpm
- * See: https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr
- * Therefore, when running openscap on a Fedora >=36 system scanning another systems (such as RHEL, SLES, Fedora<36)
- * openscap's librpm will try to read the rpm db from /usr/lib/sysimage/rpm which doesn't exist and therefore won't work.
- * In implementing this change, /var/lib/rpm is still a symlink to /usr/lib/sysimage/rpm
- * so /var/lib/rpm still works. So /var/lib/rpm is a dbpath that will work on all systems.
- * Therefore, set the dbpath to be /var/lib/rpm, allow openscap running on any system to scan any system.
- */
- rpmPushMacro(NULL, "_dbpath", NULL, "/var/lib/rpm", RMIL_CMDLINE);
-
+ set_rpm_db_path();
 g_rpm->rpmts = rpmtsCreate();
 pthread_mutex_init (&(g_rpm->mutex), NULL);
 
diff --git a/src/OVAL/probes/unix/linux/rpmverify_probe.c b/src/OVAL/probes/unix/linux/rpmverify_probe.c
index 6a8f4b4992..bf310ea7d7 100644
--- a/src/OVAL/probes/unix/linux/rpmverify_probe.c
+++ b/src/OVAL/probes/unix/linux/rpmverify_probe.c
@@ -236,16 +236,7 @@ void *rpmverify_probe_init(void)
 return (NULL);
 }
 
- /*
- * Fedora >=36 changed the default dbpath in librpm from /var/lib/rpm to /usr/lib/sysimage/rpm
- * See: https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr
- * Therefore, when running openscap on a Fedora >=36 system scanning another systems (such as RHEL, SLES, Fedora<36)
- * openscap's librpm will try to read the rpm db from /usr/lib/sysimage/rpm which doesn't exist and therefore won't work.
- * In implementing this change, /var/lib/rpm is still a symlink to /usr/lib/sysimage/rpm
- * so /var/lib/rpm still works. So /var/lib/rpm is a dbpath that will work on all systems.
- * Therefore, set the dbpath to be /var/lib/rpm, allow openscap running on any system to scan any system.
- */
- rpmPushMacro(NULL, "_dbpath", NULL, "/var/lib/rpm", RMIL_CMDLINE);
+ set_rpm_db_path();
 
 struct rpm_probe_global *g_rpm = malloc(sizeof(struct rpm_probe_global));
 g_rpm->rpmts = rpmtsCreate();
diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
index 12145c411f..8da310e51b 100644
--- a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
+++ b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c
@@ -358,16 +358,7 @@ void *rpmverifyfile_probe_init(void) struct rpm_probe_global *g_rpm = malloc(sizeof(struct rpm_probe_global)); - /* - * Fedora >=36 changed the default dbpath in librpm from /var/lib/rpm to /usr/lib/sysimage/rpm - * See: https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr - * Therefore, when running openscap on a Fedora >=36 system scanning another systems (such as RHEL, SLES, Fedora<36) - * openscap's librpm will try to read the rpm db from /usr/lib/sysimage/rpm which doesn't exist and therefore won't work. - * In implementing this change, /var/lib/rpm is still a symlink to /usr/lib/sysimage/rpm - * so /var/lib/rpm still works. So /var/lib/rpm is a dbpath that will work on all systems. - * Therefore, set the dbpath to be /var/lib/rpm, allow openscap running on any system to scan any system. - */ - rpmPushMacro(NULL, "_dbpath", NULL, "/var/lib/rpm", RMIL_CMDLINE); + set_rpm_db_path(); g_rpm->rpmts = rpmtsCreate(); diff --git a/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c b/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c index 90d053aaae..4b5a09c6f9 100644 --- a/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c +++ b/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c @@ -332,6 +332,9 @@ void *rpmverifypackage_probe_init(void) root = NULL; } + // needs to be called before we chroot + set_rpm_db_path(); + struct verifypackage_global *g_rpm = malloc(sizeof(struct verifypackage_global)); probe_chroot_init(&g_rpm->chr, root); 
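Review bot: The comment `// needs to be called before we chroot` above the new set_rpm_db_path() call in rpmverifypackage_probe_init() states the order but not the reason, and nothing enforces it. The helper reads OSCAP_PROBE_ROOT itself and stat()s the candidate path on the host, which stops resolving once probe_chroot_init() has run, so I would write `/* Must precede probe_chroot_init(): set_rpm_db_path() stats the candidate dbpath under OSCAP_PROBE_ROOT on the host, which is unreachable after the chroot. */` and put the same one-line constraint on the prototype in rpm-helper.h where the other callers will see it. The helper also re-reads the environment instead of using `root`, which the lines just above can set to NULL; if `root` is derived from that same variable (not visible here), the existence check and the chroot can disagree in that branch, and passing `root` as a parameter would keep them in step. rpmverifypackage_probe_init() starts and continues outside the hunk.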
@@ -354,16 +357,6 @@ void *rpmverifypackage_probe_init(void) return ((void *)g_rpm); } - /* - * Fedora >=36 changed the default dbpath in librpm from /var/lib/rpm to /usr/lib/sysimage/rpm - * See: https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr - * Therefore, when running openscap on a Fedora >=36 system scanning another systems (such as RHEL, SLES, Fedora<36) - * openscap's librpm will try to read the rpm db from /usr/lib/sysimage/rpm which doesn't exist and therefore won't work. - * In implementing this change, /var/lib/rpm is still a symlink to /usr/lib/sysimage/rpm - * so /var/lib/rpm still works. So /var/lib/rpm is a dbpath that will work on all systems. - * Therefore, set the dbpath to be /var/lib/rpm, allow openscap running on any system to scan any system. - */ - rpmPushMacro(NULL, "_dbpath", NULL, "/var/lib/rpm", RMIL_CMDLINE); g_rpm->rpm.rpmts = rpmtsCreate();