Hi. Goswin von Brederlow wrote: > PS: I favour method C and would esspecially like some feedback on the > technical aspect. Can a "_deb_signature" file be savely added to the > end of a deb without breaking existing tools (apt/dpkg/dinstall)? I'd favor C, too. (And with be I'd prefer "cat *.changes" over "tar" if it's gonna be B...) However: As "md5sum my.deb ; ar q my.deb _deb_signature ; ar d my.deb _deb_signature ; md5sum my.deb" gives two different lines, I'd think signing the individual members of the deb, not the deb in itself is preferable (or sign a list of md5sum's or whatever). (Even if there is some way to restore the old deb, I'd think something like the above should be possible.) Lets have some experiments: For me (i386), slink "dpkg -i" breaks, potato "dpkg -i" (version 1.6.14) works with an appended _deb_signature. BTW: This is offtopic, but it seems that potato is neither in debian/ nor in debian-archive/? Cheers T.
Description: PGP signature