Bug#187019: dpkg versus rpm: rpm has '--verify'
Package: dpkg
Version: 1.10.9
Severity: Wishlist
It would be nice to have a feature similar to rpm '--verify' option.
here is an exctract from rpm's manual page:
Verifying a package compares information about the
installed files in the package with information about the
files taken from the package metadata stored in the rpm
database. Among other things, verifying compares the
size, MD5 sum, permissions, type, owner and group of each
file. Any discrepencies are displayed. Files that were
not installed from the package, for example, documentation
files excluded on installation using the "--excludedocs"
option, will be silently ignored.
This could enable dpkg to alert if something is wrong, an maybe even to
restore
permissions/ownership when needed.
also, We could use it to check which package(s) is corrupted when a loss
of data occurs,
and, last but not least, we could check wether a basic rootkit was
installed and replaced some binaries/libraries.
The file existence/permission check could be done with the actual .deb
format, I suppose, but we need a new field in the master control file to
put md5 information. I'm not sure how difficult it can be to implement.
--
Clément "nodens" Hermann
Reply to: