Get diff changes between original files installed with apt and current files

by

I installed php5-fpm package using apt; then I made some changes to the PHP configuration files.

Now I would get the diffs between the original files versions (the ones of the package installed) and the current versions (modified by me). How to do it?

Contents hide
Answers:
Method 1
Method 2
etc directory
package files
debsum example
Method 3
Method 4

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Try something like this:

# exit on failure
set -e

package=php5-fpm
mkdir $package
cd $package

# you could also get the file from a package mirror if you have
#  an older version of apt-get that doesn't support 'download' 
#  or if you would like more control over what package version
#  you are downloading.
# (e.g. http://archive.ubuntu.com/ubuntu/pool/main/)
apt-get download $package

# deb package files are ar archives
ar vx ${package}*.deb
# containing some compressed tar archives
tar xzf data.tar.gz
# now you have the files

# you can get diffs for all of the files in etc if you would like
find etc -type f |
while read file ; do
    diff $file /$file
done

As suggested by others, definitely put your configuration files under revision control. That way, you can see exactly what you changed and when you changed it.

Method 2

etc directory

For tracking changes to your /etc directory you can do as @Anthon has suggested and use git, subversion, mercurial, etc. to version control that directory. You can also use a tool such as etckeeper. There’s a tutorial here as well as here.

etckeeper is a collection of tools to let /etc be stored in a git,
mercurial, bazaar or darcs repository. It hooks into apt to
automatically commit changes made to /etc during package upgrades. It
tracks file metadata that git does not normally support, but that is
important for /etc, such as the permissions of /etc/shadow. It’s
quite modular and configurable, while also being simple to use if you
understand the basics of working with version control.

package files

To my knowledge apt does not have a way to check the files on disk vs. the files that are in the actual .deb. Neither does dpkg, the tool that apt is actually using to do the management of files.

However you can use a tool such as debsums to compare some of the files you have installed, it only looks at their checksums (md5sum) of what’s in the .deb file vs. what’s on your systems disk.

See this serverfault question for more details about debsum and dpkg checksumming, as well as this askubuntu question.

debsum example

% debsums openssh-server
/usr/lib/openssh/sftp-server                                                  OK
/usr/sbin/sshd                                                                OK
/usr/share/lintian/overrides/openssh-server                                   OK
/usr/share/man/man5/sshd_config.5.gz                                          OK
/usr/share/man/man8/sshd.8.gz                                                 OK
/usr/share/man/man8/sftp-server.8.gz                                          OK

Method 3

I wrote the following simple script to automatically retrieve the original file from the right Debian package and diff the current file against it: https://a3nm.net/git/mybin/tree/debdiffconf

Use it as follows: debdiffconf FILE

#!/bin/bash

# Usage: debdiffconf.sh FILE
# Produce on stdout diff of FILE against the first installed Debian package
# found that provides it.
# Returns the exit code of diff if everything worked, 3 or 4 otherwise.

# https://stackoverflow.com/a/4785518
command -v apt >/dev/null 2>&1 || {
  echo "apt not found, this is probably not a Debian system. Aborting." >&2;
  exit 4; }
command -v apt-file >/dev/null 2>&1 || {
  echo "Please install apt-file: sudo apt install apt-file. Aborting." >&2;
  exit 4; }
command -v realpath >/dev/null 2>&1 || {
  echo "Please install realpath: sudo apt install realpath. Aborting." >&2;
  exit 4; }

FILE=$(realpath -m "$1")
while read PACKAGE
do
  # verify from first installed package
  if dpkg-query -W --showformat='${Status}n' | grep installed > /dev/null
  then
    DIR=$(mktemp -d)
    cd "$DIR"
    echo "Trying $PACKAGE..." >&2
    apt download "$PACKAGE" >&2
    # downloaded archive is the only file present...
    ARCHIVE=$(ls)
    mkdir contents
    # extract entire archive
    dpkg-deb -x "$ARCHIVE" contents/ >&2
    if [ -f "contents$FILE" ]
    then
      # package contained required file
      diff "contents$FILE" "$FILE"
      RET=$?
      # cleanup
      cd
      rm -Rf "$DIR"
      # exit entire script as this is the main shell
      # with the return code from diff
      exit $RET
    else
      # cleanup
      cd
      rm -Rf "$DIR"
    fi
  fi
done < <(apt-file -l search "$FILE")
# if we are here, it means we have found no suitable package
echo "Could not find original package for $FILE" >&2
exit 3

Method 4

If you want to see the differences between original and the installed php.ini file, use

diff -W COLUMNS --suppress-common-lines -y /usr/share/php5/php.ini-development /etc/php5/apache2/php.ini -W $COLUMNS

if you don’t care about the comment lines pipe it into

| egrep -v '^;.*<$|s*>.;.*|;.*|.;'


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x