inside the mind of a linux admin

Validating Package Consistency by md5sum for Linux

Occasionally you just want a bit of piece of mind about your server or Linux install. You may suspect there is somebody who has hacked your server or even something changed by a package install that shouldn’t have been. Heres a couple of ideas on how to do a quick ‘health’ check on he md5sum of binary packages.

Debian based people should install dlocate and use that

apt-get install dlocate
dlocate -md5check openssh-server

To force a fail try something like this:

mv /usr/share/man/man5/sshd_config.5.gz /usr/share/man/man5/sshd_config.5.gz-old
echo Boo > /usr/share/man/man5/sshd_config.5.gz
dlocate -md5check openssh-server

For Redhat/Centos etc based servers you can use yum

rpm -qvV openssh

Again you can force a fail by changing a file

mv /usr/share/doc/openssh-4.3p2/CREDITS /usr/share/doc/openssh-4.3p2/CREDITS-old
echo Boo >/usr/share/doc/openssh-4.3p2/CREDITS
rpm -qvV openssh

For less verbosity just drop the lower case v (so its rpm -qV )

What does this output tell you?

If any file in the package has changed, there will be a list of 9 items. A “dot” means no change. A “dot” replaced by a letter has these meanings:

S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readLink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs
P caPabilities differ

If you get any file flagged with a “5”, it will almost certainly also have a “T” and “S” flag as well.

Credits: Courtesy of New Zealand Linux and fedoraforum.org

Related Posts

How to revert back to X11 / Xorg from Wayland

Wayland is intended as a “simpler replacement for X”, and is getting quite a bit of hype around the Linux community. So much so, that it’s the default in the latest versions of Fedora, GNOME, KDE and others. While Wayland may be the future, it really is in future. At least for Ubuntu 17.10. The […]

Read More

Touchpad stops working after sleep + resume (Fedora 26 on Dell XPS)

After recently upgrading my Dell XPS 13 w/Touchscreen to Fedora 26, the touchpad suddenly stopped working upon resuming from sleep mode. It was reproduced 100% of the time, and required a complete restart in order to get the touchpad working again. There have been several forum posts and bug reports regarding others experiencing these exact […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Twitter: kireguy

Tweeter button Facebook button Myspace button