Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Q&A

What is the best way to identify changes from the default configuration in Raspbian systems?

+4
−0

I've got a Raspberry Pi running Raspbian, which I'd like to reinstall from scratch. However over time I've made many changes to the configuration (installed new packages, changed the name of the default user, created a new user account, and probably a lot of things I tweaked but forgot about), and unfortunately I usually didn't think of documenting those changes.

What would be the best strategy to figure out as many of those changes as possible before reinstallation, so I don't have to figure out them afterwards through things no longer working the way I want them?

In particular, I'd be interested in the following things.

  • How does the list of packages differ from that in a fresh install?

  • Are there any changes to configuration files that were not done by package installation/update, and to which files?

Methods that work also on other Debian-based distributions are preferred.

History
Why does this post require moderator attention?
You might want to add some details to your flag.
Why should this post be closed?

0 comment threads

1 answer

+4
−0

How does the list of packages differ from that in a fresh install?

The easiest way, if you have the data for it, would probably be to parse the APT logs (particularly /var/log/apt/history.log*) to see what's been installed and removed, respectively. However, those only go back so far, so unless you've been diligent about archiving logs (which seems unlikely if you don't have any documentation for how the system has been set up and configured over time), will only give you recent changes.

However, you should be able to get something very close to what you want from a combination of dpkg --get-selections filtering for output that ends with the word install (which will tell you what's currently selected for installation) and filtering out packages which have a Priority value of required or important (which should match a default installation fairly closely). For example:

dpkg --get-selections |
grep '\binstall$' |
cut -f 1 |
while read package; do
    apt-cache show "$package" |
    grep '^Priority:' |
    grep -vq -e 'required$' -e 'important$' &&
        printf '%s\n' "$package"
done

will give you a list of all packages that are currently installed, but which are not either required or important.

(There's probably a better way to get the data in a machine-readable form, but I was unable to find one that worked with a reasonably quick perusal of the apt-cache and dpkg man pages.)

The list given by the above command certainly won't be perfect (for example, it doesn't handle the fact that packages might be pulled in as dependencies of required packages), but it should give you a reasonable starting point.

Are there any changes to configuration files that were not done by package installation/update, and to which files?

You can use dpkg -V to verify the status of a package's installed files against the package metadata.

Another tool that can also be used is debsums (offered by the debsums package on ordinary Debian and, I would expect, on Raspian as well) with the -a/--all switch.

This isn't perfect either; for example, I doubt either method will capture files which were generated during package installation and then later modified. (SSH host keys would be an example of that.) It also won't tell you what has changed, only that the file now has a different hash. Still, for the majority of packages, it should provide a reasonable starting point.

For dpkg, only files that are different will be listed. For example:

# dpkg -V openssh-client
??5?????? c /etc/ssh/ssh_config
# 

For debsums, unmodified files will show as OK (similar to *sum --check), so to get a list of what's changed, use your favorite tool to only see those that aren't OK. For example:

# debsums -a openssh-client | grep -v 'OK$'
/etc/ssh/ssh_config         FAILED
# 

Both of these tell me that on the system I'm running them on, /etc/ssh/ssh_config has been changed compared to the version that is provided by the openssh-client package.

History
Why does this post require moderator attention?
You might want to add some details to your flag.

1 comment thread

General comments (1 comment)

Sign up to answer this question »