Debian list of config files

I want to switch to a 64-bit Linode, but I first want to backup my configuration (I run Debian). Is there a way to get a list of all the configuration files managed by dpkg/apt that have been changed since they were installed (i.e., files that I've modified)?

4 Replies

Mmm…I don't believe so. If it exists it's not a widely known feature.

Although if you have any sort of FAM (File Alternation Monitor), then you should easily find which files have been modified.

Probably, simply backing up /etc might work.

Not that I know of. I would take a backup of /etc and /var/spool/cron, do a fresh install, then pick and choose files to restore from your backup.

Thanks for your replies! Hmm, okay. I was thinking that there would be a way, since dpkg knows what config files have been modified when upgrading packages, but I guess that information isn't retained globally?

I don't know of an official tool offhand, but dpkg keeps the md5 checksums of installed config files - those defined as conffiles in the original deb package - along with other installed package details in /var/lib/dpkg/status - any lines with a leading space after the "Conffiles:" header line for each package.

So it shouldn't be too hard to dump those checksums, and compare against the currently installed files to identify those that are different. A little experimenting this evening came up with this (all one line):

sed -n -e '/^Conffiles:/,/^[^ ]/ p' /var/lib/dpkg/status | awk '/^ / {print $2 "  " $1}' | md5sum -c | grep FAILED

The sed extracts the config file lines (including one line above and below), and the awk turns just the checksum lines into a format compatible with md5sum (name, two spaces, then checksum), and then the md5sum does a comparison against its input.

I don't think this would include files that were moved into locations like /etc from default copies (like in /usr/share) if done during the post installation phase of a package install. But I think those processes use the ucf command, which keeps checksums in /var/lib/ucf/hashfile. That file is already in a format compatible with md5sum, so a simple "md5sum -c /var/lib/ucf/hashfile | grep FAILED" should be fine for that.

Sort of manual, but should go a long way to identifying those configuration files that you've modified in a current install.

– David

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct