Bug#166937: general: package integrity/compliance testing with dpkg?
Package: general
Version: N/A; reported 2002-10-29
Severity: wishlist
I have recently migrated my two PCs from RedHat to Debian and, although I do
like most of the features of apt, dpkg and friends, there is at least one
specific area which I feel it is lacking.
Using rpm, it was possibile to:
a) verify file integrity wrt original package
b) verify permission/ownership as above
c) fix permission/ownership if need be, without reinstalling the package
In Debian, according to a few developers and users I talked to, it is
possible to:
a) use md5sums (OK)
b) hope... (NOT OK)
c) cobble up together a script which reinstalls all installed packages and,
in the process, restores original permission/ownership of files (OVERKILL)
The rationale for this request is as follows: during the migration, I
encountered a number of problems that I fixed by altering file
permission/ownership. Now that I feel I understand a little better how
Debian works, I'd like to verify which of the changes I made (if any) still
persist and, in this case, reset them to the original distribution settings,
to minimize the chances of future conflicts and security holes.
I've been told that in the past such requests were usually turned down on
the ground that doing so would add a functionality that is already present
in tools such as Tripwire and I disagree: I'm not interested in what
Tripwire (or similar) tools have to offer, I know full well that adding this
feature to dpkg won't buy me security against modifications and deliberate
tampering of the system, I'm simply looking for a convenient way to reset
settings to the original value.
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux nausicaa 2.4.19-nausicaa #1 Sat Oct 26 15:57:09 CEST 2002 i686
Locale: LANG=en_IE@euro, LC_CTYPE=en_IE@euro
Reply to: