On 2/21/07, Lucas C. Villa Real <[EMAIL PROTECTED]> wrote: > On 2/18/07, Ricardo Nabinger Sanchez <[EMAIL PROTECTED]> wrote: > > I'd suggest to mark the package as such also (installed from unchecked > > Recipe). If the signature check failed, either the Recipe is broken/needs > > update or a bug was triggered inside InstallPackage (thus the traceback). > > > > It should be easy to the (unaware) user see those quickly, and act upon them > > (deinstall, update to a newer version, file a bug, ...). > > Do you have any suggestions? Marking a package in any way is going to > either add or modify another file, and then the package will be > automatically broken to VerifyProgram's eyes, as there will be either > a md5sum miss or an 'invader', according to FileHash's contents. I > think this lies in the "user's problem corner", as he/she explicitly > asked to ignore that verification. >
Rename FileHash to FileHash.overridden (or similar). It'll stop the check in later runs of VerifyProgram and mark the package that the signature was ignored. -- Carlo J. Calica _______________________________________________ gobolinux-devel mailing list [email protected] http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
