Daily Blog #782: Validating linux packages other than rpms

Daily Blog #782: Validating linux packages other than rpms
文章介绍了如何在不同Linux发行版中验证软件包完整性，包括Debian/Ubuntu（debsums）、Arch Linux（pacman）、openSUSE（rpm）和Alpine Linux（apk audit）等工具的使用方法。 2025-3-20 04:2:0 Author: www.hecfblog.com(查看原文) 阅读量:23 收藏

By • March 19, 2025 • Daily Blog linux forensics packages •

Hello Reader,

We've talked about validating rpms in several posts now but there are other package managers besides rpm. Let's talk about how we can do the same validation with other package managers.

1. Debian/Ubuntu (`dpkg` & `debsums`)

Install debsums if you haven't already:

sudo apt install debsums

Verify file hashes for a specific package:

sudo debsums -s <package-name>

Verify a specific file:

sudo debsums -s <package-name> | grep /path/to/file

Verify all installed packages:

sudo debsums -cs

2. Arch Linux (`pacman`)

Check integrity of a specific package:

pacman -Qkk <package-name>

Verify a single file:

pacman -Qkk <package-name> | grep /path/to/file

Verify all installed packages:

pacman -Qkk

3. openSUSE (`rpm` & `zypper`)

openSUSE uses RPM, so you can use standard RPM verification commands:

Check integrity of a file against the RPM database:

rpm -Vf /path/to/file

Verify all installed packages:

rpm -Va

4. Alpine Linux (`apk`)

Newer Alpine Linux versions (3.15+) include the apk audit command:

Verify integrity of a package:

apk audit <package-name>

Verify all installed packages:

apk audit

文章来源: https://www.hecfblog.com/2025/03/daily-blog-782-validating-linux.html
如有侵权请联系:admin#unsafe.sh

1. Debian/Ubuntu (dpkg & debsums)

2. Arch Linux (pacman)

3. openSUSE (rpm & zypper)

4. Alpine Linux (apk)

1. Debian/Ubuntu (`dpkg` & `debsums`)

2. Arch Linux (`pacman`)

3. openSUSE (`rpm` & `zypper`)

4. Alpine Linux (`apk`)