Hi!
I found the debsums tool in Debian, which allows to check the current install for file integrity. Is there something comparable for openSUSE (TW / Leap)?
Many thanks in advance
Hi!
I found the debsums tool in Debian, which allows to check the current install for file integrity. Is there something comparable for openSUSE (TW / Leap)?
Many thanks in advance
I think you should either tell what that product does, or at least provide a link to it’s documentation. People here are not required to have Debian knowledge.
Hmm, “which allows to check the current install for file integrity” is quite descriptive, I think. It compares checksums for all installed system files to a database (?) and if there is a non-match you can be pretty sure the respective file has been altered one or the other way and re-install the respective package.
Quit simple, or?
Quote
debsums - check the MD5 sums of installed Debian packages
Verify installed Debian package files against MD5 checksum lists from /var/lib/dpkg/info/*.md5sums
http://manpages.ubuntu.com/manpages/trusty/man1/debsums.1.html
means IMHO something completely different from what the thread title says “Check file system integrity” (which is something I use fsck and friends for). So confusing at least.
Anything on topic?
Hi
I let you read the manual, but rpm -V checks nine different attributes including the md5 checksum.
But there is no tiny package/script to run that checks these “nine different attributes including the md5 checksum” for the whole / and prints out packages that differ from “normal”?
I tried
sudo rpm -V -a
but I only want to see a list of files with MD5 sums deviating…
Did you try to read rpm man page?
Yepp.
http://ftp.rpm.org/max-rpm/rpm.8.html#SELECT-OPTIONS
It’s a mess, as usual. The man pages in linux are only readable if you already have 90% of the knowledge included in the man page.
“Wer’s nicht einfach und klar sagen kann, der soll schweigen und weiterarbeiten, bis er’s klar sagen kann.” (Karl Popper)
You are exaggerating. From rpm --help:
-a, --all query/verify all packages
Verify options (with -V or --verify):
List all changed files of all installed packages:
3400G:~ # rpm -aV
.M....... g /var/log/alternatives.log
.....U... /var/lib/mlocate
.....UG.. g /var/lib/mlocate/mlocate.db
S.5....T. c /etc/fonts/conf.d/10-rendering-options.conf
S.5....T. c /etc/fonts/conf.d/58-family-prefer-local.conf
.M....... g /usr/share/fonts/Type1/encodings.dir
.M....... g /usr/share/fonts/cyrillic/encodings.dir
.M....... g /usr/share/fonts/cyrillic/fonts.scale
.M....... g /usr/share/fonts/truetype/encodings.dir
.M....... g /usr/share/fonts/100dpi/encodings.dir
.M....... g /usr/share/fonts/100dpi/fonts.scale
.M....... g /usr/share/fonts/75dpi/encodings.dir
.M....... g /usr/share/fonts/75dpi/fonts.scale
SM5....T. c /etc/fonts/conf.d/30-metric-aliases.conf
S.5....T. c /etc/default/hd-idle
S.5....T. c /etc/sddm.conf
.....UG.. g /run/sddm
/run/uscreens/: no configuration entry in active permission profiles found. Cannot check this path.
......G.. g /etc/named.conf.include
.....UG.. /var/lib/named/master
......G.. g /var/lib/named/etc/named.conf.include
.M....... g /usr/share/fonts/misc/encodings.dir
.M....... g /usr/share/fonts/misc/fonts.scale
S.5....T. c /etc/zypp/zypp.conf
.M....... g /var/cache/PackageKit
.M....... g /run/netconfig
.M....... g /run/netconfig/resolv.conf
.M....... g /run/netconfig/yp.conf
.M....... g /run/cryptsetup
.M....... g /run/mcelog
.M....... g /boot/grub2/grub.cfg
S.5....T. c /etc/default/grub
S.5....T. c /etc/minidlna.conf
....L.... d /usr/share/man/man1/ftp.1.gz
S.5....T. c /etc/wpa_supplicant/wpa_supplicant.conf
.M....G.. g /run/wpa_supplicant
.......T. c /etc/sysctl.conf
.M....G.. g /var/log/lastlog
S.5....T. c /etc/apache2/default-server.conf
.M....... d /usr/share/info/dir
.M....... g /var/lib/pulseaudio
....L.... /usr/bin/vi
.M....G.. /var/log/journal
.M....... g /var/lib/ca-certificates/ca-bundle.pem
.M....... g /var/lib/ca-certificates/java-cacerts
........P /usr/lib64/libexec/ksysguard/ksgrd_network_helper
S.5....T. c /etc/postfix/main.cf
S.5....T. c /etc/postfix/master.cf
S.5....T. c /etc/postfix/sasl_passwd
S.5....T. c /etc/postfix/sender_canonical
S.5....T. c /etc/postfix/virtual
.M....... c /var/log/audit/audit.log
......G.. c /etc/fetchmailrc
.M....... g /var/lib/chrony/drift
.M....... g /etc/xml/catalog-d.xml
missing /usr/lib64/libreoffice/program/intro-highres.png
missing /usr/lib64/libreoffice/program/shell/logo.svg
missing /usr/lib64/libreoffice/program/shell/logo_inverted.svg
.M....... g /usr/lib/udev/compat-symlink-generation
3400G:~ #
Find the package name owning a file:
3400G:~ # rpm -qf /etc/minidlna.conf
minidlna-1.2.1-3.4.x86_64
3400G:~ #
To restore the original file move the modified one and do a forced install.
3400G:~ # zypper install --dry-run --force minidlna
Loading repository data...
Reading installed packages...
Forcing installation of 'minidlna-1.2.1-3.4.x86_64' from repository 'Haupt-Repository (OSS)'.
Resolving package dependencies...
The following package is going to be reinstalled:
minidlna
1 package to reinstall.
Overall download size: 184.2 KiB. Already cached: 0 B. No additional space will be used or freed after the operation.
Continue? [y/n/v/...? shows all options] (y):
Checking for file conflicts: (1 skipped) ...............................................................................................................................................................................................................................[done]
Warning: 1 package had to be excluded from file conflicts check because it is not yet download.
Note: Checking for file conflicts requires not installed packages to be downloaded in advance in
order to access their file lists. See option '--download-in-advance / --dry-run --download-only'
in the zypper manual page for details.
3400G:~ #
Well … you asked for
only want to see a list of files with MD5 sums deviating
Quoting man page
--nolinkto
--nofiledigest (formerly --nomd5)
--nosize
--nouser
--nogroup
--nomtime
--nomode
--nordev
Don't verify the corresponding file attribute.
not to mention that it is trivial to filter out lines without “5” in the first word.
P.S. “If you really want to do something, you’ll find a way. If you don’t, you’ll find an excuse.”
OK, many thanks, sometimes I’m a little slow…
I tried now:
sudo rpm -V -a --nolinkto --nosize --nouser --nogroup --nomtime --nomode --nordev
…and have some .conf files in the output (which makes sense, as they are customized) but also I see:
...
..5...... /usr/bin/inxi
...
Should I re-install inxi, as the MD5 is apparently not matching?
PS: I you ever start looking for an avatar, how about this here?
https://images.blogthings.com/thesesamestreetpersonalityquiz/oscar.jpg
No offence intended…
No idea. Quick look shows that it is capable of self-updating from github so may be it did.
If you are concerned fix it:
erlangen:~ # rpm -V at
**.M...UG.. /var/spool/atjobs**
**missing /var/spool/atjobs/.SEQ**
**missing /var/spool/atspool**
erlangen:~ # zypper in -f at
Loading repository data...
Reading installed packages...
Forcing installation of 'at-3.2.1-1.1.x86_64' from repository 'openSUSE-Tumbleweed-Oss'.
Resolving package dependencies...
The following package is going to be reinstalled:
at
1 package to reinstall.
Overall download size: 63.8 KiB. Already cached: 0 B. No additional space will be used or freed after the operation.
Continue? [y/n/v/...? shows all options] (y):
Retrieving package at-3.2.1-1.1.x86_64 (1/1), 63.8 KiB (118.8 KiB unpacked)
Retrieving: at-3.2.1-1.1.x86_64.rpm ...........................................................................................................................................................................................................................................................[done]
Checking for file conflicts: ..................................................................................................................................................................................................................................................................[done]
(1/1) Installing: at-3.2.1-1.1.x86_64 .........................................................................................................................................................................................................................................................[done]
Additional rpm output:
Updating /etc/sysconfig/atd ...
/usr/bin/at: setting to root:trusted 4755 (wrong permissions 4750)
erlangen:~ # rpm -V at
erlangen:~ #
I uninstalled inxi, didn’t use it for some time and can re-install easily if needed