[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: New field proposed, UUID

> Sorry, I'm not a Debian developer so honestly don't know all the policies or
> processes behind making debs.  But, it seems clear to me that if you use the
> pkg+version+arch as your UUID then a change in the md5sum caused by adding a
> signature would not effect the "UUID" and therefore be moot.  When I say any
> change in the "binary package" I mean any change in the binary files that
> get installed when the package is installed.  I'm not talking about a change
> in the deb file itself.
> Or am I totally confused?

you are not confused, just not seeing everything (-:

user does:
$ apt-get source
$ cd source
$ dpkg-buildpackage # this builds the deb

this will build a deb with the exact same name+arch+version as the one he
downloaded.  However the tool that built it will add a different UUID because
these are generated at build time.  So NEW UUID does not equal release UUID and
we know something happened.

Bumping the version of a kernel makes sense, but what if i comipile a package
because I did not like the maintainer's choice of compile options?  The current
build tools do not make too much differentiation between a user compiling a deb
and the actual maintainer -- so when would the version get bumped?

Reply to: