Especially during a do_release_upgrade, I am used to encounter a large number of prompts
Modified (by you or by a script) since installation
which I usually answer with N to keep my modifications, but typically do so only after a thorough look at the differences with D. For of course I'd prefer to accept the maintainers version if my changes were irrelevant (and so I hope this file will at least not be questioned in the next upgrade), and I also wish to avoid the danger that my modified but old configuration might keep some legacy security risks alive. So in addition, I note down the names of all files complained about for later thorough inspection once the overall upgrade has completed and I have a lot of spare time available.
Q1: Can I obtain a list of all files that the system might consider "Modified (by you or by a script) since installation" before actually doing an upgrade? -- The answer to this is perhaps simply sudo debsums --config --changed (and right now gives me a list of almost 50 files)
Q2: If so, can I compare with / reset to the original version? This might be particularly helpful in the many cases where a local change I stupidly made to /etc/foobar can be relocated into an automatically included file /etc/foobar.d/99-local.
At any rate, investigating such differences before an actual upgrade may well facilitate and accelerate the upgrade process itself.
Q3: My gut feeling is that sometimes even an unmodified file is considered modified?! At least, the D option sometimes shows me differences only in terms of verbose comments (by the original author/maintainer)
