[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files (was Re: over 30000 bugs in our archive (!))

[I CC: this to debian-devel since I think this is of public intrest.
Please send any follow ups _only_ to debian-policy.]

On Mon, 9 Feb 1998, Joey Hess wrote:

> More problems I'm seeing as a view the lintian output -
> The lack of an md5sums file is flagged as an error. However, I'm not aware
> of any policy that says we need one. I personally like the md5sums files,
> but I thought lintian was bound by policy, so why is it reporting this as a
> bug?

It's not. Packages which don't have an md5sums control file are ignored by
this Lintian check script.

However, if a package has a md5sums control file, lintian checks whether
this file matches the actual package contents. 

For the maintainers with md5sums-bugs: Most problems with md5sums appear
if the debian/tmp directory is touched _after_ debstd (or the
corresponding debhelper script) is run. Furthermore, there was a buggy
debstd which included the DEBIAN/ files in the md5sums files too. In this
case, you rebuild the package with the current deb-make package.

> Also, lintian files it as a bug if a conffile is not listed in the
> md5sums file. Debhelper's dh_md5sums program, which makes md5sum files,
> excludes conffiles from md5sum files on purpose, becuase that info is
> duplicated elsewhere. So every debhelper package with a conffile gets a
> linitan error message.

Good point. (The current Lintian script simply unpacks the .deb and
compares _all_ files in that directory tree against the md5sums files.
With that, conffiles are also covered.)

So the question is: should a md5sums file contain conffiles too?

> We need to get a consensus on whether
> 1. md5sum files should be required by policy.

Note, that md5sums was only introduced by deb-make some time ago and never
has been widely discussed. AFAIR, a better solution than md5sums files
would be to store more information about the unpacked files, as setuid
bits, etc.



--                  Christian Schwarz
                   schwarz@monet.m.isar.de, schwarz@schwarz-online.com
                  schwarz@debian.org, schwarz@mathematik.tu-muenchen.de
                PGP-fp: 8F 61 EB 6D CF 23 CA D7  34 05 14 5C C8 DC 22 BA
 CS Software goes online! Visit our new home page at

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: