I'm again and again wondering why there isn't (or did I just not find it?) any tool which can reliably and effortlessly rollback changes done by updates. Let me take an update with apt on Debian as example. There's this new package and there are the dependencies it has. Every package has a list of files which will be created / modified / deleted. Additionally, other files may be modified by configuration scripts.
My research on this topic brought up strace as possible best solution. With strace it's possible to monitor the syscalls of a single process (lets assume apt-get) and it's possible to filter out syscalls that are relevant to what I'm looking for.
Having this list, it would be possible to reliably rollback the update with a single command. Maybe it's even possible to add some kind of hook to a modified strace executable which triggers the backup of every file just before it's modified.
Are my assumptions correct? If yes, does such a tool exist?