How to Verify Installed Package Files in Ubuntu/Debian Using dpkg Like rpm -V


2 views

When maintaining Linux systems, verifying the integrity of installed package files is crucial. RPM-based systems have the handy rpm -V command, but what about Debian/Ubuntu systems using dpkg?

While dpkg doesn't have a native verification command like RPM, we can use debsums for similar functionality:

sudo apt install debsums
debsums openssh-server

Example output when files are modified:

/etc/ssh/sshd_config

For more detailed verification similar to RPM's output format:

debsums -a -c --changed-ignore=space openssh-server

Key flags:

- -a: Show all files (including unchanged)

- -c: Only show changed files

- --changed-ignore=space: Ignore whitespace changes

For comprehensive verification including MD5 checksums, file sizes, and permissions:

debsums -e openssh-server

If checksums aren't available for a package:

sudo debsums --generate=all -s openssh-server

While less comprehensive, you can list package files with:

dpkg-query -L openssh-server

Then manually verify attributes with:

stat /etc/ssh/sshd_config

Create a cron job to regularly check critical packages:

0 3 * * * root /usr/bin/debsums -c -s -a openssh-server apache2 postfix > /var/log/pkg_verify.log

When administering RedHat-based systems, rpm -qV is the go-to command for verifying installed package files against their original state. The output shows changed files with status indicators:

~$ rpm -qV openssh-server
S.?....T.  c /etc/ssh/sshd_config
~$

For Debian/Ubuntu systems, while dpkg doesn't have an exact 1:1 equivalent to rpm -qV, we can achieve similar results through different approaches:

# Method 1: Using debsums (requires installation)
sudo apt install debsums
debsums -s openssh-server

# Method 2: Manual verification with dpkg
dpkg -V openssh-server

# Method 3: Checking file hashes
dpkg -L openssh-server | xargs -d'\n' -I{} sh -c 'md5sum "{}" 2>/dev/null'

When using dpkg -V, the output format differs from RPM:

~$ dpkg -V openssh-server
??5??????   /etc/ssh/sshd_config

The status characters represent:

  • ? - Unknown attribute or test not performed
  • 5 - MD5 checksum mismatch
  • missing - File is missing

Let's walk through a complete verification process for SSH:

# Install debsums if not available
sudo apt update && sudo apt install debsums

# Verify specific package
debsums -s openssh-server

# Check modified configuration files
sudo debsums -s -a | grep modified

# For comprehensive check of all packages
sudo debsums -s

For regular monitoring, create a verification script:

#!/bin/bash
# Package verification script
LOG_FILE="/var/log/pkg_verify.log"
DATE=$(date +"%Y-%m-%d %T")

echo "Package verification started at $DATE" >> $LOG_FILE
debsums -s >> $LOG_FILE 2>&1
echo "Verification completed" >> $LOG_FILE