[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt-diff: a tool to diff filesystem content against APT

Tristan Schmelcher <tristan_schmelcher@alumni.uwaterloo.ca> writes:

> On Thu, Dec 9, 2010 at 11:12 PM, Goswin von Brederlow <goswin-v-b@web.de> wrote:
>> Osamu Aoki <osamu@debian.org> writes:
>>
>>> On Fri, Dec 10, 2010 at 12:06:45AM +0900, Osamu Aoki wrote:
>>>> Hi,
>>>>
>>>> On Wed, Dec 08, 2010 at 12:52:28PM -0800, Tristan Schmelcher wrote:
>>>> > On Tue, Dec 7, 2010 at 11:30 PM, Goswin von Brederlow <goswin-v-b@web.de> wrote:
>>>> > > Tristan Schmelcher <tristan.schmelcher@gmail.com> writes:
>>>> > >>> how does it deal with configurations generated in postinstall?
>>>> > I find debsums to be too basic for my needs. apt-diff is my attempt to
>>>> > improve upon it. I often want to answer the question "how does package
>>>> > X on my machine compare to a pristine installation?" debsums only
>>>> > gives part of the answer. It can't check files that are missing
>>>> > md5sums (which includes a lot of conffiles)
>>>                                      ~~~~~~~~~
>>>> Wrong.
>>>
>>> OOps..  I now see your point.  Sorry.
>>>
>>>> If you configure debsum correctly following manpage, md5sums are
>>>> available for all packages.  Use -g option to initialize it and make
>>>> sure to set the debconf boolean value debsums/apt-autogen to be "true".
>>>> I understand that this is an exra hussle.
>>>
>>> This is talking about files missing md5sums due to packaging practice of
>>> the maintainer.  conffiles are not debsums interest.
>>
>> Does debsums support ucf? Can it support ucf?
>>
>> What I mean is that often generated conffiles are installed with ucf and
>> ucf keeps track of the original generated checksum and the possibly
>> localy modified file and such. Does/could debsums tap into that info to
>> find generated conffiles that were changed?
>
> It would be pretty easy to tap into--the md5sums are all in
> /var/lib/ucf/hashfile and it's already in the format used by md5sum
> -c. But that still leaves a lot to be desired. On my machine there are
> only 26 entries in that file, whereas there are 1663 conffiles without
> md5sums.* As far as I know there's no metadata available to check the
> integrity of those files--they have to be compared to the original
> files in the .deb as apt-diff does.
>
> *As determined by this script:
>
> for file in /var/lib/dpkg/info/*.conffiles; do
>   for line in $(cat $file); do
>     line=$(sed -r 's/^\///' <<<$line)
>     md5sums=$(sed -r 's/conffiles/md5sums/' <<<$file)
>     if ! grep -qF $line $md5sums; then
>       echo $line
>     fi
>   done
> done | wc

If the conffile is shipped in the package then dpkg keeps track of the
checksum even if the md5sum files do not. I was assuming you ment files
not shipped in the package, i.e. those generated during postinst.

MfG
        Goswin
Reply to: