On 13/01/2010 23:17, [email protected] wrote:
On Wed, Jan 13, 2010 at 11:08:40PM +0000, Chris Gerhard wrote:
r...@pearson:/var/cores# pkg contents -m SUNWcs | grep amd64/ksh93
file 2fbfe85ad662b86becc480b7c17d3395760adc4d
chash=e3a53cb82068dc6e7cedc5f166b7d2739fee05b9 elfarch=i386
elfbits=64 elfhash=4d7753d6595bafa718c55dd4932e64ac1e44546a
group=bin mode=0555 owner=root path=usr/bin/amd64/ksh93
pkg.csize=2981 pkg.size=9856 variant.arch=i386
r...@pearson:/var/cores#
But the two files are different:
r...@pearson:/var/cores# digest -a md5 /usr/bin/amd64/ksh93
72fe10d7e585ed10727a7e737bb3fb57
r...@pearson:/var/cores#
r...@brompton:~# digest -a md5 /usr/bin/amd64/ksh93
d0b4cb19582dc60db30e9e54b8778eaa
r...@brompton:~#
For file actions, verify looks at the elfhash if it exists. This action
has an elfhash, which is used instead of the SHA1 digest of the entire
file. This is because binaries often contain extraneous data in
non-executable sections of the file. This may change across
compliations, but we only want to upgrade the file if the executable
code has changed.
Thanks. Are there plans to allow users to use the sha1 check. I can
see all sorts of confusion when audits find files on systems that are
supposed to be identical are different yet the pkg system does not
report it.
This came to light as I was looking into ksh93 dumping core.I can
reproduce it on one system and not the other. Now it could be nothing to
do with the different binaries but if I can see customer calling up in
very agitated states if they see this.
--
Sent from my OpenSolaris Laptop
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
