RE: Package verification

To: <debian-devel@lists.debian.org>
Cc: <debian-dpkg@lists.debian.org>
Subject: RE: Package verification
From: "Kim Lester" <kim@dfusion.com.au>
Date: Wed, 8 Oct 2003 00:24:37 +1000
Message-id: <[🔎] NBBBJLIGKKBBNFCEJFCDAEPMIDAB.kim@dfusion.com.au>
Reply-to: <kim@dfusion.com.au>
In-reply-to: <20031004233830.GA24680@snoopy.apana.org.au>

The comments about debsums are useful and contribute
to the whole issue butthey still miss one of my
key points/queries.

There is no way to verify/correct the MODE, USER, GROUP, TYPE
of any files installed in a pkg.
If I am wrong please point out where, with an installed pkg
(and preferably without having a copy of the .dpkg around)
once can tell if a pkg is _installed_correctly_.

This is a real issue in the enterprise world and I think
debian is a better system than Redhat but unless the developer
community becomes aware and proactive about meeting enterprise
needs we're going to lose out to a competing system which
_I_ believe is inferior, but which is getting a lot of commerical
support. I don't greatly care about competition per-se, but I do
care about improving debian to meet my needs and I'm sure those
of others too.

So is the developer community interested in working with me
to add these (and other important features) for a larger
commercial environments. Bear in mind I have real coded
solutions to many of these issues which I hope to be able
to share....

One of the solutions I have implemented is a file containing:
type(eg Dir, Sym, File), path, mode, uid, gid, symlink destination
and in my case md5sum and file size (deb would use the sep md5sum file)
[correct size is useful for humans :-)]
This permits my command pkginfo -v to verify that a pkg is
installed correctly and can even fix certain errors (eg mode/uid/gid)
if requested.

regards
	kim

> -----Original Message-----
> From: Brian May [mailto:bam@debian.org]
> Sent: Sunday, October 05, 2003 9:39 AM
> To: Fabien Ninoles
> Cc: Kim Lester; debian-devel@lists.debian.org
> Subject: Re: Package verification and "/usr/bin/install" tool
> replacements
> 
> 
> On Sat, Oct 04, 2003 at 01:42:36PM -0400, Fabien Ninoles wrote:
> > Although your proposition seems more complete, have you try
> > debsums and checksecurity?  debsums with the following
> > feature in /etc/apt/apt.conf
> > 
> > DPkg::Post-Invoke {
> >         "debsums --generate=nocheck -sp /var/cache/apt/archives";
> > };

Reply to:

Follow-Ups:
- Re: Package verification
  - From: Steve Kemp <skx@debian.org>

Prev by Date: Bug#214566: dpkg-checkbuilddeps: please consider adding option to format output
Next by Date: unsubscribe
Previous by thread: Bug#214566: dpkg-checkbuilddeps: please consider adding option to format output
Next by thread: Re: Package verification
Index(es):
- Date
- Thread