Re: Checking for corruption?
> Is there a way of checking the per-file checksums (other than using
> adpkg, which I had trouble with before). I know that not many packages
> include these, but I'd like to check what I can.
The 'debsums' program, included with debmake, can be used to verify
the checksums in /var/lib/dpkg/info/*.md5sums .
Alternately, you can use the programs in the 'dpkgcert' package,
currently in Incoming (and slated for experimental). The 'dpkgcert'
package can be used to verify a complete debian installation against
an external database of PGP-signed verification certificates (note
that this does not necessarily provide secure verification, as an
attacker could always have tampered with your python installation,
among other things).
There's a certificate database in my home directory on master. You
can download that (it's about 6M compressed, 23M uncompressed); . To
verify your system, use the following command:
dpkgcert-verify --index-file certificates.gdbm --installed
[ The large database size is because it contains certificates for all
packages uploaded since February, even obsolete ones. In theory
there's a mechanism to download only the appropriate certificates
interactively from a database server, but I don't have any machine
available at the moment on which to run the server. ]
If you have any problems or questions, feel free to contact me
directly.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: