You are not logged in.
- Topics: Active | Unanswered
#1 2015-01-06 15:57:13
- cgm999
- Member
- Registered: 2013-07-18
- Posts: 19
check-pacman-mtree check pacman db missmatch size/md5/sha256/symlink
AUR package https://aur.archlinux.org/packages/check-pacman-mtree/
last version 0.7 (can check for symlink also)
This script should help to locate the files that changed (size/md5/sha256/symlink) , right now pacman -Qkk can not verify md5/sha256. For example to see if are hacked or if your hdd is borked.
NOTE : this will work *ONLY* for packages having mtree file (/var/lib/pacman/local/$pkg/mtree)
NOTE2: need testing for 32bit (tested only on x86_64) , also for prelink users.
DIFF means filesystem and pacman db is not the same
EXTRA_MTREE = item missing from filesystem
FAIL = script can not open mtree file for respective pkg or open file/symlink to check
NOTE: script is not checking folders/sockets/etc ,also is not check for uid/gid/mtime/perms missmatch
Examples of usage
[root@archlinux-build ~]# check-pacman-mtree.lua
usage: /usr/bin/check-pacman-mtree.lua [ -a | pkg1 pkg2...] [-v | -vv] )
-a = all pkgs
-v = verbose(include size/md5/sha256)
-vv = even more verbose(show PKG= lines)check all packages:
[root@archlinux-build ~]# check-pacman-mtree.lua -a
DIFF pkg=lighttpd-1.4.35-1 file=etc/lighttpd/lighttpd.conf
DIFF pkg=syslog-ng-3.6.1-1 file=etc/syslog-ng/syslog-ng.conf
DIFF pkg=glibc-2.20-6 file=etc/locale.gen
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/console-getty.service
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/getty.target
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/getty@.service
...
[root@archlinux-build ~]#check a list of packages:
[root@archlinux-build ~]# check-pacman-mtree.lua -v systemd lighttpd xpdf
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/console-getty.service size_mtree=714 md5_mtree=66e549b46d423de6e0b89988fc3231be sha256_mtree=2e0c4bad9a130a6569fecec251feca7b87abb5a17d68f2f12c7d9c0363cd98b2
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/getty.target size_mtree=460 md5_mtree=ed0e497e174624e035321f196ff4cd20 sha256_mtree=1c13af0888230867e2fac57079ff722271e41b4462dbe6654697d93c8de0010c
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/getty@.service size_mtree=1492 md5_mtree=799f5ebe50ade4f5a3851157286aa80d sha256_mtree=e1cf1329bb8a739db881a36801b5265203e5697e9bb3c9702c97e6480e103fda
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/proc-sys-fs-binfmt_misc.mount size_mtree=603 md5_mtree=c3174c084ba1d64e052a86522f9afcf4 sha256_mtree=a1c8b6066cb201d3f52f88eee920236cacccf6d5defc0ad29032fc7718ff55d8
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/serial-getty@.service size_mtree=1028 md5_mtree=140cb87a0e9bf72e8d645e20d8d6c8ee sha256_mtree=bf7340a863019a530d3e9e7fd6b2d29ba58b241fd4108c7dc54eeee5b9d01868
EXTRA_MTREE pkg=systemd-211-1 file=usr/lib/systemd/system/systemd-binfmt.service size_mtree=1015 md5_mtree=cad1791bf98955c239feb12dea5d0c84 sha256_mtree=77eeda01dc53f05c0020fb365f567380cc5179be4797ff9cf894efe5dc8a7ef1
FAIL no_mtree_file pkg=xpdf-3.04-2 gzopen /var/lib/pacman/local/xpdf-3.04-2/mtree: No such file or directoryLast edited by cgm999 (2015-01-18 16:06:37)
Offline
#2 2015-01-06 16:03:58
- thiagowfx
- Member
- Registered: 2013-07-09
- Posts: 586
Re: check-pacman-mtree check pacman db missmatch size/md5/sha256/symlink
A pacman -Qkk that identifies which files have been modified? This is something I find useful. It looks like a more specialized tool to do what I wanted some time ago.
NOTE : this will work *ONLY* for packages having mtree file (/var/lib/pacman/local/$pkg/mtree)
Are there any packages that don't have this file?
I did a quick:
pacman -Q | wc -land
ls /var/lib/pacman/local/*/mtree | wc -lAnd got the same numbers, which indicate that all packages I have installed have this file.
Offline
#3 2015-01-06 16:15:02
- WorMzy
- Forum Moderator
- From: Scotland
- Registered: 2010-06-16
- Posts: 11,911
- Website
Re: check-pacman-mtree check pacman db missmatch size/md5/sha256/symlink
A pacman -Qkk that identifies which files have been modified? This is something I find useful. It looks like a more specialized tool to do what I wanted some time ago.
cgm999 wrote:NOTE : this will work *ONLY* for packages having mtree file (/var/lib/pacman/local/$pkg/mtree)
Are there any packages that don't have this file?
Not in the official repos, as far as I can tell: https://www.archlinux.org/todo/mtree-rebuilds/
Some third-party repos may still have mtree-less packages, and any unsupported (AUR) packages built prior to pacman-4.1 will not have one.
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
#4 2015-01-06 16:15:05
- cgm999
- Member
- Registered: 2013-07-18
- Posts: 19
Re: check-pacman-mtree check pacman db missmatch size/md5/sha256/symlink
some old packages may not have mtree file, if you got same numbers then it means is good 
Also the script will say if some pkg do not have MTREE file
version 0.5 of the script will tell if some pkg do not have mtree file
[root@silver ~]# check-pacman-mtree.luajit -av
...
FAIL_MTREE_FILE pkg=xpdf-3.04-2 gzopen /var/lib/pacman/local/xpdf-3.04-2/mtree: No such file or directory
[root@silver ~]# Last edited by cgm999 (2015-01-06 19:51:04)
Offline
#5 2015-01-06 18:15:52
- cgm999
- Member
- Registered: 2013-07-18
- Posts: 19
Re: check-pacman-mtree check pacman db missmatch size/md5/sha256/symlink
My testing was done only on x86_64. whoever and willing to test is on 32bit pls provide script feedback
Also those that use prelink .
Last edited by cgm999 (2015-01-06 18:26:01)
Offline