Hello,

OK, so Gelp_64 could be very useful to me for reasons above and beyond the administrative vision of the devs.

For example, is there a way (scripts or XML-wise) to expand /var/db/pkg to include codes I install via /usr/local/ or via some subset of rpm or dpkg installed codes, as discussed in a recent thread?

I'm working on setting up Ansible to install (clone?) new Gentoo systems, where pretty much the identical system to one that exists would be an excellent starting point. Is there a way to parse /var/db/pkg, or use a "directed graph" as blueness has suggested, to populate Ansible with the necessary details to build a clone (Gentoo) system?

And then there are security audits, such as a fully characterized list of files and the dir hierarchy of a system. Sure, some of these exist in current security tools, but the complete mapping via /var/db/pkg does seem like an excellent idea, and if nothing else an excellent checking (redundant) mechanism for security audits or to determine if something is missed via SELinux configurations.

Also, as I grab codes and install them (particularly without using an ebuild to perform the installation), how do I track all of those created files with a mechanism independent of the mechanism inherent to the code? Trust is great, but the best rule is to 'trust but verify'. YMMV. Then there are the new repo.conf and epatch_user files that should be tracked.

I'm quite sure there are still many other ways outside files find their way onto our systems (not even addressing the web side of things) besides what I have partially listed in this post.

If folks have similar concerns, what mechanisms do you currently employ for any of these aforementioned needs?

James
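One way to use /var/db/pkg as the redundant audit check asked about above, added here as an example and not part of the original post or of any Gentoo tool: it reads each package's CONTENTS file (lines of the form `obj <path> <md5> <mtime>` and `sym <path> -> <target> <mtime>`) and reports files that no package claims and files whose MD5 no longer matches the record. The function names and the sample tree are constructed for illustration; the MD5 comparison detects drift only, since the database sits on the same host as the files it describes.

```python
import hashlib, os, tempfile

def load_vdb(vdb):
    """Map each path in <vdb>/<cat>/<pkg-ver>/CONTENTS to (pkg, kind, md5)."""
    owned = {}
    for dirpath, _dirs, files in os.walk(vdb):
        if "CONTENTS" not in files:
            continue
        pkg = os.path.relpath(dirpath, vdb)            # e.g. app-misc/foo-1.0
        with open(os.path.join(dirpath, "CONTENTS"), encoding="utf-8") as fh:
            for line in fh:
                kind, _, rest = line.rstrip("\n").partition(" ")
                if kind == "obj":    # obj <path> <md5> <mtime>; path may hold spaces
                    path, md5, _mtime = rest.rsplit(" ", 2)
                    owned[path] = (pkg, kind, md5)
                elif kind == "sym":  # sym <path> -> <target> <mtime>
                    owned[rest.split(" -> ", 1)[0]] = (pkg, kind, None)
    return owned

def audit(root, scan_dirs, vdb_rel="var/db/pkg"):
    """Return (untracked, modified) files found under scan_dirs inside root."""
    owned = load_vdb(os.path.join(root, vdb_rel))
    untracked, modified = [], []
    for top in scan_dirs:
        for dirpath, _dirs, files in os.walk(os.path.join(root, top.lstrip("/"))):
            for name in files:
                full = os.path.join(dirpath, name)
                logical = "/" + os.path.relpath(full, root)
                entry = owned.get(logical)
                if entry is None:
                    untracked.append(logical)          # no package claims this file
                elif entry[1] == "obj" and not os.path.islink(full):
                    with open(full, "rb") as fh:
                        if hashlib.md5(fh.read()).hexdigest() != entry[2]:
                            modified.append(logical)   # content differs from record
    return sorted(untracked), sorted(modified)

def build_demo_root():
    """Constructed sample: one package, one drifted file, one hand-installed file."""
    root = tempfile.mkdtemp()
    contents = "".join(f"obj {p} {hashlib.md5(d).hexdigest()} 1400000000\n"
                       for p, d in (("/usr/bin/foo", b"v1"), ("/usr/bin/a b", b"ok")))
    tree = {"usr/bin/foo": b"v2", "usr/bin/a b": b"ok", "usr/local/bin/tool": b"x",
            "var/db/pkg/app-misc/foo-1.0/CONTENTS": contents.encode()}
    for rel, data in tree.items():
        os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(data)
    return root
```

On a real system the call would be `audit("/", ["/usr", "/etc"])`; the untracked list is also the natural inventory of hand-installed files to hand to a provisioning tool.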

