9

Let's say I have an installed, working and up-to-date system, and want to verify that all package-installed files on it are the same as those packaged by the respective package maintainer.

In effect, I want a list of files that are somehow different between what I have installed "now" and what I would get if I were to reinstall using the same set of packages on a blank system. Short of actually reinstalling and comparing the outcome, how would I generate such a list of files?

I realize that some differences (configuration files, for example) are to be expected, but that's okay.

I'm primarily interested in Debian Wheezy, but a good answer would explore a solution that works with any reasonably modern Linux distribution based around the same package management infrastructure (apt, dpkg and friends).

user
  • Possibly related: http://unix.stackexchange.com/questions/72746/get-diff-changes-between-original-files-installed-with-apt-and-current-files – slm May 31 '14 at 23:57
  • @slm http://unix.stackexchange.com/a/72778/2465 does have something that I could probably adapt, too. Thanks for that pointer. – user Jun 01 '14 at 14:34

2 Answers

6

One way to accomplish this is to use the command debsums.

$ debsums <package>

Example

$ debsums xz-utils
/usr/bin/lzmainfo                                                             OK
/usr/bin/xz                                                                   OK
/usr/bin/xzdiff                                                               OK
/usr/bin/xzgrep                                                               OK
/usr/bin/xzless                                                               OK
/usr/bin/xzmore                                                               OK
/usr/share/doc/xz-utils/NEWS.Debian.gz                                        OK
/usr/share/doc/xz-utils/README.Debian                                         OK
/usr/share/doc/xz-utils/README.gz                                             OK
/usr/share/doc/xz-utils/copyright                                             OK
/usr/share/doc/xz-utils/extra/7z2lzma/7z2lzma.bash                            OK
/usr/share/doc/xz-utils/extra/scanlzma/scanlzma.c                             OK
/usr/share/doc/xz-utils/faq.txt.gz                                            OK
/usr/share/doc/xz-utils/history.txt.gz                                        OK
/usr/share/man/man1/lzmainfo.1.gz                                             OK
/usr/share/man/man1/xz.1.gz                                                   OK
/usr/share/man/man1/xzdiff.1.gz                                               OK
/usr/share/man/man1/xzgrep.1.gz                                               OK
/usr/share/man/man1/xzless.1.gz                                               OK
/usr/share/man/man1/xzmore.1.gz                                               OK
slm
  • 1
    Not precisely what I was hoping for because not all files actually have stored checksums, but this does seem to get me reasonably close at least: dpkg -l | awk '/^ii/ { print $2 }' | xargs debsums | grep -vE 'OK$' It's worth noting that debsums reads locally stored checksums; that is not a problem if you're only concerned about accidental corruption, but potentially a problem if you're concerned about an active, intelligent attacker. – user Jun 01 '14 at 14:33
  • @MichaelKjörling - I did not research further but would be very surprised if dpkg didn't offer a facility to do this too. In my cursory searches I did not turn up anything though. RPM does offer a check and as is the case both RPM and dpkg generally are on par with each other. – slm Jun 01 '14 at 14:37
6

You can use

dpkg -V <package>

I tested it, and it also works on configuration files.

After modifying /etc/iceweasel/profile/bookmarks.html and running dpkg -V iceweasel, I obtain the following output:

??5?????? c /etc/iceweasel/profile/bookmarks.html

Note that only modified files are displayed and according to the dpkg man page, the output format is similar to rpm.
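The question expects configuration-file differences and mainly cares about everything else, so the following added example (not part of either answer) triages `dpkg -V` output read from stdin. The function names `triage_dpkg_verify` and `sample_verify_output` are hypothetical, the sample lines are constructed, and the column layout is assumed from the sample line shown above.

```shell
#!/bin/sh
# Added example: separate expected conffile edits from other changed files.
# Assumed line layout (taken from the sample line on this page):
#   columns 1-9  rpm-style result flags; column 3 is '5' when the MD5 differs
#   column 11    attribute: 'c' for a conffile, blank otherwise
#   column 13+   absolute path of the file

triage_dpkg_verify() {
    awk '
    length($0) < 13 { next }                  # too short to be a verify line
    {
        flags = substr($0, 1, 9)
        attr  = substr($0, 11, 1)
        path  = substr($0, 13)
        if (substr(path, 1, 1) != "/") next   # skip lines that do not parse

        if (attr == "c")                      kind = "conffile"  # expected drift
        else if (substr(flags, 3, 1) == "5")  kind = "MODIFIED"  # content changed
        else                                  kind = "other"     # some other failed check

        printf "%-8s %s\n", kind, path
        if (kind == "MODIFIED") bad++
    }
    END { if (bad) exit 1 }                   # non-zero when a non-conffile changed
    '
}

sample_verify_output() {
    # Constructed sample lines, not captured from a real system.
    printf '%s\n' \
        '??5?????? c /etc/iceweasel/profile/bookmarks.html' \
        '??5??????   /usr/bin/xz'
}

# Demo on the constructed sample; on a live system: dpkg -V | triage_dpkg_verify
sample_verify_output | triage_dpkg_verify || echo "non-conffile changes found"
```

Like debsums, `dpkg -V` compares against metadata stored in the local dpkg database, so the caveat raised in the comment above about an active attacker applies to this check as well.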