Auditing Package Integrity with DNF Verify
Package Management (Apt/Dnf/Pacman Internals)
Auditing Package Integrity with DNF Verify
🧩 The Challenge
You suspect a binary or configuration file provided by a package has been silently modified or corrupted on your disk. Manually checking file hashes against the package database is tedious and error-prone.
💡 The Fix
Use the DNF verification plugin to perform a checksum and metadata comparison of installed files against the original package header.
dnf verify --all
⚙️ Why It Works
The verify plugin compares the current size, owner, group, and MD5/SHA256 checksums of installed files against the data stored in the RPM database headers. Any discrepancies, such as unauthorized configuration changes or binary tampering, are reported in the output.
🚀 Pro-Tip: Use dnf verify <package_name> to audit a specific package instead of the entire system to save time during routine checks.
Linux Tips & Tricks | © ngelinux.com | 7/11/2026
