Greetings lovely community,
I was chatting with a buddy of mine recently about using Solus and it’s package manager eopkg
and one particular feature it had was the command eopkg check
which essentially when run tested the integrity of the packages within your system. It was mostly only used to troubleshoot when a problem arose, but it also wasn’t a perfect feature and at times would produce false positives as well, so even with some errors, things were still essentially normal. I wondered if pacman had something similar that a user could manually run to check package integrity. For the record, I’ve never had any package integrity issues on EndeavourOS and as far as I’m aware pacman does things like checking keys in keyring or checking package integrity or checking for file conflicts, so I imagine this possibly isn’t even really an issue on an Arch base, but at the very least it got me curious.
My curiosity stumbled about this Arch wiki link:
https://wiki.archlinux.org/title/Pacman/Tips_and_tricks#Listing_all_changed_files_from_packages
If you are suspecting file corruption (e.g. by software/hardware failure), but are unsure if files were corrupted, you might want to compare with the hash sums in the packages. This can be done with pacutils:
# paccheck --md5sum --quiet
So I went ahead and ran paccheck --md5sum --quiet
, but got a bunch of warnings with a few mismatches sprinkled in, so I ran it again using sudo
(hopefully that’s advisable in this case), and these are the following mismatches that I came across:
[scott@EndeavourOS ~]$ sudo paccheck --md5sum --quiet
[sudo] password for scott:
filesystem: '/usr/lib/os-release' md5sum mismatch (expected fc5ca8dfeb1737f6615212fe20bc0c2f)
filesystem: '/usr/share/factory/etc/issue' md5sum mismatch (expected 7813c481156f6b280a3ba91fc6236368)
gnome-shell: '/usr/share/gnome-shell/gnome-shell-theme.gresource' md5sum mismatch (expected 6d5289d6b49e995a8d0d03f24bef72f3)
grub: '/etc/grub.d/10_linux' md5sum mismatch (expected 5da8074aaba80675db163d056dc07289)
grub: '/etc/grub.d/30_os-prober' md5sum mismatch (expected e6104adfdd083811ffa4872608575f65)
lsb-release: '/etc/lsb-release' md5sum mismatch (expected d4ffa5402737dd89f443c579d936db9d)
nano-syntax-highlighting: '/usr/share/nano-syntax-highlighting/nanorc.nanorc' md5sum mismatch (expected 444697781502f5ec0fdea3e70ce2cc0d)
nvidia-installer-db: '/var/lib/pci/nvidia.ids' md5sum mismatch (expected 5c1c2c272ecf0146b14e33bea6152d20)
nvidia-installer-db: '/var/lib/pci/nvidia.ids.metainfo' md5sum mismatch (expected b8a8bc50a3f7206f5c4beec5ba99d8b4)
[scott@EndeavourOS ~]$
It looks to me like these are mostly (or possibly even all) mismatches because most of them look like entries that I have manually changed myself for one reason or another. I know I’ve altered my grub from the default. I’ve altered my default gnome-shell
via gdm-settings
so that checks out normal to me. I’ve also altered my nano config from the default as well so I recognize those changes as probably being acceptable to ignore.
I am curious to know if the other mismatches are thrown up there because of an actual file corruption or more than likely something that I have manually changed or had allowed permissions to be changed I wonder?
Like I mentioned, I don’t suspect any actual file corruption, but I’m not sure what to make of the filesystem
, lsb-release
, or nvidia-installer-db
entries. I’m sure it’s most likely “normal”, I’m just curious to figure out more about what these messages mean or refer to, so if anyone can shed a bit of light onto them I’d greatly appreciate it. Looking forward to any responses and thanks as always for taking the time to read my post.