DEV Community

Le Stephane
Le Stephane

Posted on • Edited on

1 2

Sanitizing Debian

(this is my first post on dev.to, testing the waters, be gentle)

Today I wanted to check whether any file on my system was not exactly the file that was shipped in its debian package. So after some research, I settled on the debsums command:

$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)
debsums: changed file /usr/share/applications/gedit.desktop (from gedit package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/__init__.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/config.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/cupshelpers.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/installdriver.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/openprinting.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/ppds.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/xmldriverprefs.cpython-35.pyc (from python3-cupshelpers package)
Enter fullscreen mode Exit fullscreen mode

Moved on to re-installing the affected packages:

$ sudo debsums -s 2>&1 | \
  grep -oE "from .* package" | \
  sort | uniq | \
  while read PKG; do
    echo "$PKG" | cut -d ' ' -f 2;
  done;
code
gedit
python3-cupshelpers
$ sudo aptitude reinstall code gedit python3-cupshelpers
...
Enter fullscreen mode Exit fullscreen mode

And checked (again):

$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)
Enter fullscreen mode Exit fullscreen mode

Uh. There's something at work that I don't fully understand (yet). Since I cannot justify the time spent chasing this down, I find out who to contact:

$ apt-cache show code | grep -E "Maintainer" | uniq -c
     50 Maintainer: Microsoft Corporation <vscode-linux@microsoft.com>
Enter fullscreen mode Exit fullscreen mode

Then I drop them a mail:

From: Le Stephane
To: vscode-linux@microsoft.com
Subject: /usr/share/applications/code(-url-handler).desktop files always show up as modified in debsums

Dear VS Code maintainers, 

I get debsums errors on files belonging to your .deb package, even after re-installing it. Can you advise?

$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)

$ dpkg -l code
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                  Version                 Architecture            Description
+++-=====================================-=======================-=======================-===============================================================================
ii  code                                  1.29.1-1542309157       amd64                   Code editing. Redefined.

Best
Enter fullscreen mode Exit fullscreen mode

Takeaways (so far)

  • Posting on dev.to is fun, I will do it again
  • There's a debsums command which is pretty cool
  • debsums + aptitude reinstall makes my system fresh again...
  • ...except for a few files, for an unknown reason
  • I don't need to find that reason just yet. But I can find out where to ask for help
  • Similarly, I don't need to finish my article. Maybe someone in the audience will know why I'm experiencing this behaviour. If not, in time, the maintainer will probably point me to the reason. I can then amend the article.
  • This article is my first, and just a start. I should also check which files currently present in my OS system directories does not belong to a package, if I'm serious about security.

Billboard image

Synthetic monitoring. Built for developers.

Join Vercel, Render, and thousands of other teams that trust Checkly to streamline monitor creation and configuration with Monitoring as Code.

Start Monitoring

Top comments (2)

Collapse
 
bureado profile image
José Miguel Parrella

Did you get a response?

Collapse
 
lestephane profile image
Le Stephane

I did, but it was along the lines of

  • ms: please file an issue
  • me: there was one, which you closed (github.com/Microsoft/vscode/issues...)
  • ms: well, file it again then
  • me: ¯_(ツ)_/¯ (at time of writing, there are 5189 open issues on vscode)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay