Track, save and revert file system modifications made by a program under Linux

unix linux filesystems installation rollback

Possibly the easiest (?) way to do this is to boot off of a LiveUSB with a "persistent data partition." (Or, to replicate the effect yourself, in a chroot jail: mount a rw layer over a ro layer.) Take a snapshot of the rw filesystem -- which should be very slim after a fresh boot -- then run your installer. Every file it alters or creates will be on the rw "persistent data" overlay partition. Even removed files will appear as "magic dotfiles."


Maybe take a look at tripwire? Tripwire is more passive than your active example, but it still may work for you.

http://www.linuxjournal.com/article/8758

Tripwire is an intrusion detection system (IDS), which, constantly and automatically, keeps your critical system files and reports under control if they have been destroyed or modified by a cracker (or by mistake). It allows the system administrator to know immediately what was compromised and fix it.


Take a look at Installwatch:

http://en.wikipedia.org/wiki/Installwatch#Functionality

http://asic-linux.com.mx/~izto/checkinstall/installwatch.html

Related

NGINX 'global' location
Since upgrading to Solaris 11, my ARC size has consistently targeted 119MB, despite having 30GB RAM. What? Why?
Can't connect to Tomcat even though it's running
haproxy - pass original / remote ip in tcp mode
How to correctly save and load a model with custom CTC layer (Keras example)
Optimization problem with non-linear constraint
HTML video player (Fluid Player) playing more then one video
How can I resolve this class instance error in the following very simple function?
Can Someone please explain how For loop is Working here?
Lua check if method exists
Typescript: Enforce a type to be "string literal" and not <string>
How to visualize Protocols and Extensions in UML?