FS#38884 - pacman: feature request: check integrity of installed package files

Attached to Project: Pacman
Opened by Max Bruckner (FSMaxB) - Thursday, 13 February 2014, 01:10 GMT
Last edited by Allan McRae (Allan) - Sunday, 29 June 2014, 10:02 GMT
Task Type Feature Request
Category General
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version 4.1.2
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 6
Private No

Details

I'd like pacman to have the funcitonality to check the integrity of the files installed by a package based on .MTREE . Combined with a check of the package authenticity via PGP this could be used to detect rootkits.
This task depends upon

Closed by  Allan McRae (Allan)
Sunday, 29 June 2014, 10:02 GMT
Reason for closing:  Upstream
Additional comments about closing:  Dummy code is in pacman waiting on libarchive to support reading checksums from mtree files
Comment by Allan McRae (Allan) - Thursday, 13 February 2014, 01:18 GMT
So... pacman -Qkk? Does not do checksums yet because libarchive does not support reading them, does does file size, modification time, permissions, ...
Comment by Max Bruckner (FSMaxB) - Thursday, 27 February 2014, 16:00 GMT
I don't think pacman -Qkk is enough at the moment, this doesn't even detect data corruption.
Comment by Allan McRae (Allan) - Thursday, 27 February 2014, 21:30 GMT
Yes - we are waiting on libarchive to add support for reading checksums from mtree files. There are dummy functions set up for when this occurs.
Comment by Max Bruckner (FSMaxB) - Friday, 28 February 2014, 00:03 GMT
Oh, right, now I get it.
Comment by Rena Kunisaki (Rena) - Monday, 21 December 2015, 04:15 GMT
Did this go anywhere? I was hoping to check integrity of all installed packages after a crash caused by faulty RAM. I'm surprised Pacman doesn't seem to have that ability.

Loading...