[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: packages without .md5sums file?

> Previously Massimo Dal Zotto wrote:
> > Is this allowed by policy?
> Yes.
> > And if not should we change the policy and require that every package have
> > the .md5sums file?
> No. .md5sums are the wrong approach for this. The right approach is
> a combination of signing packages themselves, and dpkg generating (multiple)
> checksums on the fly when installing a packages. The signing part is
> implemented already, the second is not currently.
> I'ld much rather wait until that is implemented (which also won't require
> any policy changes) then decide on an imperfect temporary solution. (And
> yes, we are working on implementing that).
> Wichert.

I understand your arguments. In the meantime I have the following problem:
I had a system crash with filesystem corruption. I would like to check the
installed files with the original packages without the need to reinstall
everything. This is trivial for packages which have the md5sums but seems
difficult for packages which don't provide this information.

Any idea?

Massimo Dal Zotto

|  Massimo Dal Zotto               email: dz@cs.unitn.it               |
|  Via Marconi, 141                phone: ++39-0461534251              |
|  38057 Pergine Valsugana (TN)      www: http://www.cs.unitn.it/~dz/  |
|  Italy                             pgp: see my www home page         |

Reply to: