Intro

Back before I got into Linux, I used Windows. I remember running the System File Checker all the time to troubleshoot issues and undue damage from mawlare. I haven’t used Windows in years, but in the late 90s and early 2000s, as more home Internet connections became “always on”, malware ran rampant, at least on Windows systems. Most of my friends had a “family computer” in the kitchen or living room, but it was so bogged down with either malware, or anti-malware software, that they were often unusable.

Background

Anyways, what sfc /scannow actually did was check the Windows sytem files (whoa) on your hard drive, against those on the (read-only) installation media. By calculating and comparing checksums, it can detect changed or corrupted files and replace them from disk.

I always wanted something like this on my Ubuntu Linux desktop. I’m always installing random stuff and trying things out, editing files in the depths of the filesystem. Sometimes I want to just dump a list of pacakge files that I’ve changed. It’s easy enough to purge and reinstall fresh copies, but again, I want to know what I’ve changed from the original package install. I also want to see if I’ve removed (purposefully or accidentally, or negligently…) in case I need to restore them.

Using debsums

As it turns out, there’s a really simple tool available to do this, and it’s called debsums. It’s likely already installed on your Debian-based Linux distribution.

Pop open a shell and run it:

$ debsums -s -c

The -s tells debsums to only report issues, so either changed or missing files. It won’t tell us everytime the file is unchanged, but it will if you remove that flag.

The -c tells debsums to also check config files (it skips them by default). More than likely, that’s where your chagnes are going to reside.

There are some options to tweak the behavior:

  • Check only config files, only reports errors
    $ debsums -e -s
    
  • Check only changed config files (not missing)
    $ debsums -c -e
    
  • List packages that don’t have checksums to check against
    $ debsums -l
    
  • If you want to reinstall every package with a changed file, you can run this:
    $  apt-get install --reinstall $(dpkg -S $(debsums -c) | cut -d : -f 1 | sort -u)
    

References