package integrity/compliance testing with dpkg?
Hello.
I have recently migrated my two PCs from RedHat to Debian and, although I do
like most of the features of apt, dpkg and friends, there is at least one
specific area which I feel it is lacking.
Using rpm, it was possibile to:
a) verify file integrity wrt original package
b) verify permission/ownership as above
c) fix permission/ownership if need be, without reinstalling the package
In Debian, according to a few developers and users I talked to, it is
possible to:
a) use md5sums (OK)
b) hope...
c) cobble up together a script which reinstalls all installed packages and,
in the process, restores original permission/ownership of files (OVERKILL)
The rationale for this request is as follows: during the migration, I
encountered a number of problems that I fixed by altering file
permission/ownership. Now that I feel I understand a little better how
Debian works, I'd like to verify which of the changes I made (if any) still
persist and, in this case, reset them to the original distribution settings,
to minimize the chances of future conflicts and security holes.
I've been told that in the past such requests were usually turned down on
the ground that doing so would add a functionality that is already present
in tools such as Tripwire and I disagree: I'm not interested in what
Tripwire (or similar) tools have to offer, I know full well that adding this
feature to dpkg won't buy me security against modifications and deliberate
tampering of the system, I'm simply looking for a convenient way to reset
settings to the original values.
Oh, one last plea: use blanks when shooting ;-)
TIA && KUTGW,
Andrea.
--
Mä muistan sen kirkkaan päivän, sen kesän ja sen valon häivän
Heinä haisi, puut tuoksui, linnut lauloi vaan
Ja Lada ajaa kylän raitilla, Lada ajaa ja stereot soittaa
Reply to: