(this is my first post on dev.to, testing the waters, be gentle)
Today I wanted to check whether any file on my system was not exactly the file that was shipped in its debian package. So after some research, I settled on the debsums command:
$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)
debsums: changed file /usr/share/applications/gedit.desktop (from gedit package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/__init__.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/config.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/cupshelpers.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/installdriver.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/openprinting.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/ppds.cpython-35.pyc (from python3-cupshelpers package)
debsums: changed file /usr/lib/python3/dist-packages/cupshelpers/__pycache__/xmldriverprefs.cpython-35.pyc (from python3-cupshelpers package)
Moved on to re-installing the affected packages:
$ sudo debsums -s 2>&1 | \
grep -oE "from .* package" | \
sort | uniq | \
while read PKG; do
echo "$PKG" | cut -d ' ' -f 2;
done;
code
gedit
python3-cupshelpers
$ sudo aptitude reinstall code gedit python3-cupshelpers
...
And checked (again):
$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)
Uh. There's something at work that I don't fully understand (yet). Since I cannot justify the time spent chasing this down, I find out who to contact:
$ apt-cache show code | grep -E "Maintainer" | uniq -c
50 Maintainer: Microsoft Corporation <vscode-linux@microsoft.com>
Then I drop them a mail:
From: Le Stephane
To: vscode-linux@microsoft.com
Subject: /usr/share/applications/code(-url-handler).desktop files always show up as modified in debsums
Dear VS Code maintainers,
I get debsums errors on files belonging to your .deb package, even after re-installing it. Can you advise?
$ sudo debsums -s
debsums: changed file /usr/share/applications/code-url-handler.desktop (from code package)
debsums: changed file /usr/share/applications/code.desktop (from code package)
$ dpkg -l code
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-=====================================-=======================-=======================-===============================================================================
ii code 1.29.1-1542309157 amd64 Code editing. Redefined.
Best
Takeaways (so far)
- Posting on dev.to is fun, I will do it again
- There's a debsums command which is pretty cool
- debsums + aptitude reinstall makes my system fresh again...
- ...except for a few files, for an unknown reason
- I don't need to find that reason just yet. But I can find out where to ask for help
- Similarly, I don't need to finish my article. Maybe someone in the audience will know why I'm experiencing this behaviour. If not, in time, the maintainer will probably point me to the reason. I can then amend the article.
- This article is my first, and just a start. I should also check which files currently present in my OS system directories does not belong to a package, if I'm serious about security.
Top comments (2)
Did you get a response?
I did, but it was along the lines of