Ubuntu Linux Toolbox 1000+ Commands for Ubuntu and Debian Power Users phần 3 ppsx

Table 2-7 shows some of the most useful options for running debsums. See the man

page for debsums to reveal all detailed information.

Table 2-7: Some Common debsums Options

NOTE For many operations, you won’t need to run this utility as root (using

sudo). Some files may not have read access by regular users, so the use of sudo

will be required if you get a message like this: debsums: can't open at

file /etc/at.deny (Permission denied).

If you run debsums with no options, it will check every file on the system that it knows

about. The output can be redirected to a file if needed for later. The file name debsums

prints out will be accompanied by an OK status on the right side of the output if the

md5sum checks out for the file. Other messages may be printed out, such as md5sums

missing for a certain file, or the word REPLACED if the md5sum does not match. You

will need to be wary of false positives. If you want to use this tool as a baseline for

assessments at a later date, you will want to get everything set up the way you want

and re-generate md5sums for stuff that is missing or incorrect. That way you know

you have the latest info.

This command will check every file on the system against the stock md5sum files. You can see there

are some missing and replaced files. You would want to verify the system does not

already have problems with these files before you re-generate md5sums for everything:

$ debsums

/usr/bin/acpi OK

/usr/share/man/man1/acpi.1.gz OK

/usr/share/doc/acpi/README OK

/usr/share/doc/acpi/AUTHORS OK

...

debsum command What It Does

debsums -a Checks all files (including configuration files which

are, by default, left out).

debsums –e Checks config files for packages only.

debsums –c Lists only changed files to stdout.

debsums –l Lists files that don’t have md5sum info.

debsums –s Lists only errors; otherwise be silent.

debsums <package names> Lists the packages you want debsums to analyze.

42

Chapter 2: Installing Ubuntu and Adding Software

82935c02.qxd:Toolbox 10/29/07 12:56 PM Page 42

/usr/share/app-install/icons/pybliographic.png OK

debsums: no md5sums for bsdutils

debsums: no md5sums for bzip2

debsums: no md5sums for cdrecord

...

/usr/share/locale-langpack/en_AU/LC_MESSAGES/adduser.mo REPLACED

/usr/share/locale-langpack/en_AU/LC_MESSAGES/alsa-utils.mo OK

...

If you want to save this info to a file, and to save stdout and stderr messages, redirect

both stdout and stderr streams into a file. We also background the command with a final

ampersand so we can continue working at the shell:

$ debsums &> /tmp/foo &

To check the configuration files distributed with each package for changes, run debsums with the

–a option:

$ debsums –a

/usr/bin/acpi OK

/usr/share/man/man1/acpi.1.gz OK

...

To only check configuration files, and ignore everything else, use the –e option. This is a good way

to tell if you have inadvertently edited a config file you didn’t want to. You can see

some of the X configuration files have been changed.

$ debsums –e

...

/etc/X11/Xresources/x11-common OK

/etc/X11/Xsession FAILED

/etc/X11/rgb.txt OK

/etc/init.d/x11-common OK

/etc/X11/Xsession.d/50x11-common_determine-startup OK

/etc/X11/Xsession.d/30x11-common_xresources OK

/etc/X11/Xsession.d/20x11-common_process-args OK

/etc/X11/Xsession.options FAILED

...

As debsums spits out a lot of information, you may want to see only changed files.

Issuing debsums with the –c options will do that:

$ debsums –c

debsums: no md5sums for at

debsums: no md5sums for base-files

debsums: no md5sums for bc

...

43

Chapter 2: Installing Ubuntu and Adding Software

82935c02.qxd:Toolbox 10/29/07 12:56 PM Page 43

With the preceding command, you will see messages being printed for files that have

no md5sum info. You can check for files that have no md5sum info by running debsums with

the –l option:

$ debsums -l

at

base-files

bc

binutils

binutils-static

...

If you want debsums to show only errors, use the –s option to tell debsums to be silent

except for errors:

$ debsums -s

debsums: no md5sums for at

debsums: no md5sums for base-files

debsums: no md5sums for bc

debsums: no md5sums for binutils

...

To check a specific package, give debsums a package name as an argument:

$ debsums coreutils

/bin/cat OK

/bin/chgrp OK

/bin/chmod OK

...

This will check only the files listed in that package’s md5sum file in the /var/lib/

dpkg/info directory, so if the package does not come with an md5sum file, you will

get an error:

$ debsums rsync

debsums: no md5sums for rsync

To generate the missing md5sums data for rsync, use a combination of dpkg, the

md5sum utility, and a little shell scripting. First, use dpkg -L to ask for a list of all the

files dpkg knows about, in the rsync package. The list dpkg returns will have other

lines of data in it besides just the file names, so we pipe that output to grep and filter

out everything that does not start with a slash. On the second line, we have the shell

test whether the line of output from dpkg is a directory or a file (directories start with a

slash also). If it is a file, md5sum is run on the line of output, which at this point should

just be a file name. Lastly, all output at the third line is saved into a text file with the

same naming convention as the md5sum files in the /var/lib/dpkg/info directory.

$ for file in `dpkg -L rsync | grep ^/`; do

test -f "$file" && md5sum "$file";

done > /tmp/rsync.md5sums

44

Chapter 2: Installing Ubuntu and Adding Software

82935c02.qxd:Toolbox 10/29/07 12:56 PM Page 44