I want to know if it is possible to get the diff of the original versus the current config files of installed Debian packages.

I found an answer which shows the modified config files, but I find no way to generate the diff.

The command is

dpkg-query -W -f='${Conffiles}\n' '*' | awk 'OFS="  "{print $2,$1}' | LANG=C md5sum -c 2>/dev/null | awk -F': ' '$2 !~ /OK/{print $1}' | sort | less

I use etckeeper for this purpose. It will not help you going backwards but from now on you will be able to see changes to /etc. It is written by Joey Hess and is an awesome tool. Joey's description:

etckeeper is a collection of tools to let /etc be stored in a git, mercurial, darcs, or bzr repository. It hooks into apt (and other package managers including yum and pacman-g2) to automatically commit changes made to /etc during package upgrades. It tracks file metadata that revision control systems do not normally support, but that is important for /etc, such as the permissions of /etc/shadow. It's quite modular and configurable, while also being simple to use if you understand the basics of working with revision control.

Since it is based on git you can add remotes and easily compare config files from different machines without ever having to ssh into the other machine. It is easily installed with apt-get and the source is available here:

http://git.kitenet.net/?p=etckeeper.git


I hacked together a bash script that does the diff (to do that, it downloads all required packages and extracts them to a temp dir).

  • It uses debsums instead of dpkg-query as dpkg-query turned out to produce false positives for me.
  • It also cannot diff files that are generated by a script during installation (files in /etc/default seem such), that would need some chrooting or the like...

Enjoy:

https://gist.github.com/pallinger/cdb70d73cb922baa43d2

P.S.: It is really better to use etckeeper or something similar, but if you already installed the system you are too late for previous modifications.
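
The download-extract-diff approach described in the answer above, reduced to a single package, as an added example (this is not the linked gist or its author's code). The function names `changed_conffiles` and `diff_package_conffiles` are made up for illustration, and it compares against the MD5 sums dpkg records for conffiles rather than using debsums as the gist does.

```shell
#!/bin/sh
# Added example: diff a package's modified conffiles against the pristine
# copies shipped in its .deb. Run as root to read files such as /etc/shadow.

# Read dpkg "Conffiles" lines (" /path md5 [flag]") on stdin and print every
# path whose current content no longer matches the recorded MD5.
# $1 is an optional root prefix (assumption: used for checking a mounted image).
# Limitation: paths containing whitespace are not handled.
changed_conffiles() (
    root=${1:-}
    while read -r path sum rest; do
        [ -n "$path" ] || continue            # blank line
        [ -f "$root$path" ] || continue       # removed locally: nothing to diff
        now=$(md5sum < "$root$path") || continue
        now=${now%% *}                        # keep only the hash field
        [ "$now" = "$sum" ] || printf '%s\n' "$path"
    done
)

# Download the installed version of package $1, unpack it into a temp dir and
# print a unified diff (pristine vs. current) for each changed conffile.
# Fails if that exact version is no longer available from the configured repos.
diff_package_conffiles() (
    pkg=$1
    ver=$(dpkg-query -W -f='${Version}' "$pkg") || exit 1
    tmp=$(mktemp -d) || exit 1
    trap 'rm -rf "$tmp"' EXIT
    ( cd "$tmp" && apt-get download "$pkg=$ver" >/dev/null &&
        dpkg-deb -x ./*.deb pristine ) || exit 1
    dpkg-query -W -f='${Conffiles}\n' "$pkg" | changed_conffiles |
    while read -r path; do
        if [ -f "$tmp/pristine$path" ]; then
            diff -u --label "$path (package $ver)" --label "$path (current)" \
                "$tmp/pristine$path" "$path"
        else
            # e.g. an obsolete conffile that this version no longer ships
            echo "# $path: not present in the .deb, cannot diff"
        fi
    done
)

# Usage: sh conffile-diff.sh <package>   (does nothing without an argument)
[ "$#" -eq 0 ] || diff_package_conffiles "$1"
```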