What is the apt equivalent to "rpm -V" (Verify installed packages)
14,155
Solution 1
The package "debsums" is what you want to install to perform hash checks against installed packages.
For example, to check for changed files:
sudo debsums -c
Note that not all packages ship with md5sum file lists. You can see a list of those on your system with:
sudo debsums -l
Solution 2
To followup to what Kees said, to deal with packages that don't include a buildtime generated debsums md5sum file, by default the debsums package also installs an apt hook to generate a debsums as part of the package installation process. Thus, one way to generate the debsums file for those packages that are missing them is to apt-get install --reinstall them.
Author by
yop83
Updated on September 17, 2022Comments
-
yop83 over 1 year
On a RedHat/CentOS system, I can verify the installed RPMs on my system using rpm -V.
What is the Ubuntu or
apt
equivalent of this command? -
yop83 over 13 yearsThanks for the tip! I always assumed that the system would keep it's own list of signatures. I notice that Ubuntu
binutils
(which includesld
and some core tools) doesn't include a signature, which seems unwise considering that these linker tools are at the core of the system, and we need to ensure that these tools are never modified or comprimised. -
yop83 over 13 yearsI found a simpler way to generate debsums for those packages that are missing them. The command
sudo debsums_init
will do the heavy lifting for you. It will download the packages from the repository, and will generate the md5sums for you.