> On Jun 7, 2016, at 1:49 PM, Tomasz Pala <[email protected]> wrote: > > Note: I'm not referring to %config issue reported, this is only by-the-way > question. > > On Tue, Jun 07, 2016 at 13:16:45 -0400, Jeffrey Johnson wrote: > >>> A propos - would it be possible for rpm to support "--verify --package" >>> exactly for this purpose, i.e. verifying metadata/manifest against cpio >>> archive contents (including file checksums) without installing package.rpm? >> >> All rpm operations are supported for any rpm package. > > But --verify checks against filesystem. I'm looking for a way to check > against cpio inside… >
OK. >> is different however. The payload when the repackaged payload is constructed >> is ???best effort??? in the sense that if a file does not exist on its >> metadata path, then >> the file cannot be included in the package. Similarly, if a file is modified >> from the original content, there is no attempt to recalculate file digests, >> which >> would also trigger a recalculation of the header SHA1 and (harder) resigning > [...] > > ...just for such cases as you described. In other words: I want to check > if repackaged.rpm contains changed files. Let's name it: integrity test > (manifest vs cpio). > > Currently I'm able to do it by installing such package in newly created > (empty) root and verifying against files put inside, but there should be > more elegant/effective way. Considering the --install checks digests > (thus --nomd5/--nodigest was required to install repackaged.rpms with > modified contents), it should be enough to skip appropriate code path, > the one that actually commits filesystem changes. > If you diff rpm -qplv and rpm2cpio … | cpio-itv spewage, you will verify that all the cpio headers are identical to what is in metadata. Those 2 outputs were identical at one point in time, but the sewage display conventions for rpm/cpio might have changed since implemented. 73 de Jeff _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
