debsigs debsums and deb based file perm checking
Tim Webster
tdwebste at gmail.com
Sat Dec 11 04:55:12 UTC 2004
I noticed in horty ubuntu is using debsigs on packages.
What are the plans for signing all packages, and including
pkg.md5sums for all packages?
Is there any plans for something like pkg.perms??
to allow checking required pkg permissions and ownership.
I realize that is not a complete solution because config files
can't be cleanly included in either pkg.md5sums or pkg.perms.
I guess to check the files that can't be included.
I could automaticly create a config file for
(aide || samhain || tripwire || integrit || .... )
to check md5sums of files not in /var/lib/dpkg/info/*.md5sums
and a config to check perms/ownership files not in /var/lib/dpkg/info*.perms
If people like the idea I will post my config file generator here.
I would trigger the automatic creation of a config file for
(aide || samhain || tripwire || integrit || .... )
in /etc/apt/apt.conf.
-tim
More information about the ubuntu-users
mailing list