FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-30-2011, 09:06 PM
Matthew Braun
 
Default Generate a file+MD5 checksum filesystem manifest from packages?

I apologize if I'm posting to the wrong mailing list and I'd be thankful for pointers in the right direction, as I am very new to getting under the hood of my systems in the way that I'm asking about.

I want to come up with a programatic way to construct a "reference" manifest of a filesystem. In other words, "System Foo has xxxx packages installed. For each package installed, "dpkg --contents" each .deb (for now, I'm assuming they're cached locally) and list the directories it would create as well as the files (conffiles included) it would install or generate. For all files, store the MD5 checksums."*

When all is said and done, I should have a complete directory structure of the system with MD5 checksums. But I see two problems:* * *1) It seems like multiple packages may create the same directory (i.e. the first one in handles it, the rest just skip over it). This is fine, but I could see a case where the permissions might be different. I could, of course, just flag it and move on.
* * * 2) MD5 sums for conffiles don't appear to be stored in the /var/lib/dpkg/info/*.md5sums files but perhaps can be calculated on the fly.

So, I was wondering if there were any suggestions for dry-running an entire system install (and post install) to get a filesystem list with checksums?



PS: why I'm looking to do this: I want to be able to take a running system and say "Ok, so it has all these packages installed. Now, given all these packages, what has been added/updated/removed since installation?" Somewhat similar in concept to Tripwire but whereas Tripwire would build an index of a running system and compare to changes later in time, I want to build an index of a stock system and compare the running system to that and see how they vary.

Again, thank you very much for any pointers or suggestions!
--
Matthew Braun


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-02-2011, 08:17 AM
Marius Gedminas
 
Default Generate a file+MD5 checksum filesystem manifest from packages?

On Wed, Nov 30, 2011 at 04:06:25PM -0600, Matthew Braun wrote:
> I apologize if I'm posting to the wrong mailing list and I'd be thankful
> for pointers in the right direction, as I am very new to getting under the
> hood of my systems in the way that I'm asking about.
>
> I want to come up with a programatic way to construct a "reference"
> manifest of a filesystem. In other words, "System Foo has xxxx packages
> installed. For each package installed, "dpkg --contents" each .deb (for
> now, I'm assuming they're cached locally) and list the directories it would
> create as well as the files (conffiles included) it would install or
> generate. For all files, store the MD5 checksums."

You may want to look at debsums (http://packages.ubuntu.com/debsums)

> When all is said and done, I should have a complete directory structure of
> the system with MD5 checksums. But I see two problems:
> 1) It seems like multiple packages may create the same directory (i.e.
> the first one in handles it, the rest just skip over it). This is fine, but
> I could see a case where the permissions might be different. I could, of
> course, just flag it and move on.

This is where I'm a bit fuzzy, but perhaps /var/lib/dpkg/statoverride
has something to do with this? At least for the very special
files/directories (e.g. suid/sgid).

> 2) MD5 sums for conffiles don't appear to be stored in the
> /var/lib/dpkg/info/*.md5sums files but perhaps can be calculated on the fly.

They're stored in /var/lib/dpkg/status (grep for "Conffiles:").

> So, I was wondering if there were any suggestions for dry-running an entire
> system install (and post install) to get a filesystem list with checksums?

A chroot or a virtual machine might help here.

Marius Gedminas
--
"Actually, the Singularity seems rather useful in the entire work avoidance
field. "I _could_ write up that report now but if I put it off, I may well
become a weakly godlike entity, at which point not only will I be able to
type faster but my comments will be more on-target." - James Nicoll
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 01:09 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org