cmd:debsums 

Info 

debsums - check the MD5 sums of installed Debian packages

Description 

Verify installed Debian package files against MD5 checksum lists from /var/lib/dpkg/info/*.md5sums.

debsums can generate checksum lists from deb archives for packages that don't include one.

Comments 

debsums is intended primarily as a way of determining what installed files have been locally modified by the administrator or damaged by media errors and is of limited use as a security tool.

If you are looking for an integrity checker that can run from safe media, do integrity checks on checksum databases and can be easily configured to run periodically to warn the admin of changes see other tools such as: aide, integrit, samhain, or tripwire.

Help 

Usage 

debsums -l
       List installed packages with no checksums.
debsums -ce
       List changed configuration files.
debsums -c
       List changed package files (execluding configuration files)
       from all installed packages with checksums.
debsums foo bar
       Check the sums for installed packages foo and bar.
debsums foo.deb bar.deb
       As above, using checksums from (or generated from) the archives.

Quick Help 

 Usage: debsums [OPTIONS] [PACKAGE|DEB] ...

Options:
 -a, --all                    check configuration files (normally excluded)
 -e, --config                 check only configuration files
 -c, --changed                report changed files (implies -s)
 -l, --list-missing           list packages which don't have an md5sums file
 -s, --silent                 only report errors
 -m, --md5sums=FILE           read list of deb checksums from FILE
 -r, --root=DIR               root directory to check (default /)
 -d, --admindir=DIR           dpkg admin directory (default /var/lib/dpkg)
 -p, --deb-path=DIR[:DIR...]  search path for debs
 -g, --generate=[all][,keep[,nocheck]]
                              generate md5sums from deb contents
     --no-locale-purge        warn on locale files even if locale-purge is used
     --help                   print this help, then exit
     --version                print version number, then exit

Config Help 

-p, --deb-path=dir[:dir...]
       Directories  in  which to look for debs derived from the package
       name (default is the current directory).
DPkg::Post-Invoke {
    "debsums --generate=nocheck -sp /var/cache/apt/archives";
};
       /etc/apt/apt.conf fragment to generate missing  checksums  after
       upgrade/install.

The command:

apt-get --reinstall --download-only install `debsums -l`

may be used to populate the cache with any debs not already in the cache.

Note This doesn't work for CD-ROM and other local sources as packages are not copied to /var/cache. Simple file sources (all debs in a a single directory) should be added to the -p list.

documented on: 2006.06.28

Read-only root fs 

Newsgroups:  gmane.linux.distributions.grml.user
Date:        Wed, 28 Jun 2006 21:34:27 +0200
> - 1st, does grml support read-only root fs? If not please put it into
> todo list.

That's pretty useless. Use the live-cd if you don't want to touch files on your harddisk.

> Since it is a Live distro, supporting read-only root fs should be
> trivial, but I need it badly. I have reiserfs for my root fs, but still
> that can't sustain the frequent power failure that I'm having.

reiserfs, bad choice for your root-fs…

> - 2nd, an OT question. Does Debian or grml support some kind of
> integrity test? My current situation is that after so many damn power
> failures, my lovely Debian is in an unstable stage, commands that used
> to work are now failing mystically. Re-install the packages that contain
> those tools won't help. I'm now forced to do a reinstallation after
> having my ever-upgrading-and-customizing Debian for so many years... I
> wish Debian or grml has the integrity testing capability that rpm has,
> ie. to test whether the libs/executables that reside on the disk are
> still the same as in the package. This might help for situations like
> what I'm experiencing, or HD failure, and potential compromised
> systems...

man debsums

Michael Prokop