On Wed, May 13, 2009 at 13:58:18 -0400, Jeff Johnson wrote: > Repackaged files have no digest verification. The digest > carried in repackaged packages is the original digest; > but the file in the payload may have been modified or > even deleted and not present in te repackaged package payload.
That are exactly the cases I'd like to catch. During package development sometimes it's necessary to make some modifications (or change entire file) in /usr tree for testing purposes. When you forget about it and upgrade package these changes are lost. Recently I've found old ltmain.sh file (this time causing problems) and I can't recall replacing it. Now I'd like to review entire repackage spool for modifications done before upgrade. There would be differences in config files and missing languages for sure, however other permissions, timestamps and modifications are worth pointing out. > You can work around by using a transaction "probe dependency". > > E.g. > > mkdir -p /etc/rpm/sysinfo > md5sum /etc/passwd | sed -e 's/\([^ ]*\) *\(.*\)/digest(\2) = > \1/' >> /etc/rpm/sysinfo/Requirename > > verifies the md5 of /etc/passwd every time rpm -Uvh is run. Nice feature, too. -- Tomasz Pala <[email protected]> _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
