dave coyle .com

coyled @ GitHub
coyled @ Instagram
coyled @ Vimeo
coyled @ Twitter
coyled @ freenode

JSON-flavored .deb inventory

October 11, 2012

I have lots of Ubuntu hosts and sometimes I need to see on which host(s) a specific version of a package is installed (say, the day a vulnerability is announced). It’s also helpful to have a record of when specific packages are installed and upgraded on a given host. So I wrote a small utility to examine the installed packages on a Debian or Ubuntu host and output the result as JSON. E.g.:

      "fqdn": "foo.example.com",
      "lsb": {
        "id": "Ubuntu",
        "release": "12.04",
        "codename": "precise",
        "description": "Ubuntu 12.04.1 LTS"
      "kernel": {
        "release": "3.0.18-linode43",
        "machine": "i686"
      "dpkg": {
        "accountsservice": {
          "selection_status": "install",
          "install_status": "installed",
          "version": "0.6.15-2ubuntu9.3",
          "arch": "i386"
        "adduser": {
          "selection_status": "install",
          "install_status": "installed",
          "version": "3.113ubuntu2",
          "arch": "all"

      <...etc., etc....>

      "created_at": "2012-10-11T21:48:50-04:00",
      "system_id": "CA1E2072-2EAF-462A-965C-86025E2C24D3"

Installation is simple:

    $ gem install dpkginv
    $ dpkginv

If you want to include a per-host unique identifier to avoid relying on FQDN, create a file /etc/dpkginv.conf containing:

    system_id: <some_id_for_this_host>

You could, for example, set this to the value of /sys/class/dmi/id/product_uuid

Since it’s just JSON you could do something like keep a daily record of inventory in CouchDB, e.g.:

    $ dpkginv | curl -H 'Content-Type: application/json' \
        -d @- -X POST https://couchdb.example.com:5984/dpkginv

Source is here. It’s implemented as a plugin for Chef’s Ohai, so you could also use it in a larger Chef context.