Bug#187019: dpkg versus rpm: rpm has '--verify'

To: submit@bugs.debian.org
Subject: Bug#187019: dpkg versus rpm: rpm has '--verify'
From: Clement Hermann <clement.hermann@free.fr>
Date: Mon, 31 Mar 2003 19:03:38 +0200
Message-id: <[🔎] 3E8874EA.1070106@free.fr>
Reply-to: Clement Hermann <clement.hermann@free.fr>, 187019@bugs.debian.org

Package: dpkg
Version: 1.10.9
Severity: Wishlist

It would be nice to have a feature similar to rpm '--verify' option.

here is an exctract from rpm's manual page:


Verifying   a   package  compares  information  about  the
      installed files in the package with information about  the
      files  taken  from  the package metadata stored in the rpm
      database.  Among  other  things,  verifying  compares  the
      size,  MD5 sum, permissions, type, owner and group of each
      file.  Any discrepencies are displayed.  Files  that  were
      not installed from the package, for example, documentation
      files excluded on installation using  the  "--excludedocs"
      option, will be silently ignored.

This could enable dpkg to alert if something is wrong, an maybe even torestore

permissions/ownership when needed.

also, We could use it to check which package(s) is corrupted when a lossof data occurs,and, last but not least, we could check wether a basic rootkit wasinstalled and replaced some binaries/libraries.

The file existence/permission check could be done with the actual .debformat, I suppose, but we need a new field in the master control file toput md5 information. I'm not sure how difficult it can be to implement.


--
Clément "nodens" Hermann

Reply to:

Prev by Date: unsubscribe
Previous by thread: unsubscribe
Index(es):
- Date
- Thread