Find changed Debian package config files with debsums
Intro
Back before I got into Linux, I used Windows. I remember running the System File Checker to troubleshoot issues and undue damage from malware. I haven’t used Windows in years, but in the late 90s and early 2000s, as more home Internet connections became “always on”, malware ran rampant, at least on Windows systems. Most of my friends had a “family computer” in the kitchen or living room. Often, they were so bogged down with either malware, or anti-malware software, that they were unusable.
Background
Anyways, what sfc /scannow
actually did was check the Windows system files (whoa) on your hard drive, against those on the (read-only) installation media. By calculating and comparing checksums, it can detect changed or corrupted files and replace them from disk.
I always wanted something like this on my Ubuntu Linux desktop. I’m always installing random stuff and trying things out, editing files in the depths of the filesystem. Sometimes I want to just dump a list of package files that I’ve changed. It’s easy enough to purge and reinstall fresh copies, but again, I want to know what I’ve changed from the original package install. I also want to see if I’ve removed (purposefully or accidentally, or negligently…) in case I need to restore them.
Using debsums
As it turns out, there’s a really simple tool available to do this, and it’s called debsums
. It’s likely already installed on your Debian-based Linux distribution.
Pop open a shell and run it:
$ debsums -s -c
The -s
tells debsums
to only report issues, so either changed or missing files. It won’t tell us every time the file is unchanged, but it will if you remove that flag.
The -c
tells debsums
to also check config files (it skips them by default). More than likely, that’s where your changes are going to reside.
There are some options to modify the behavior:
- Check only config files, only reports errors
debsums -e -s
- Check only changed config files (not missing)
debsums -c -e
- List packages that don’t have checksums to check against
debsums -l
- If you want to reinstall every package with a changed file, you can run this:
sudo apt-get install --reinstall \ $(dpkg -S $(debsums -c) | cut -d : -f 1 | sort -u)