Colin Watson wrote: > On Sun, Jan 19, 2003 at 10:47:18AM +0200, Alaa The Great wrote: > > > > the RPM format itself seems to have all the features of deb, > > It has most of them, although it's missing one or two. I'm reliably (I > think) informed that it doesn't have diversions, for instance. In general the capabilities are very similar. Discussing the pros and cons of those two are like doing the same for emacs and vi. RPM does allow you to --relocate one path to another path. But if I understand where you would go with that the answer is that you will need to --relocate on the command line each time you upgrade to a new version of the package as it does not "stick". And there is the reverse as well. Is there a way to verify the installation of an installed deb package similar to 'rpm --verify'? Is there a way to correct the permissions and ownerships of the installed files of an installed deb similar to 'rpm --setperms' and 'rpm --setugids'? <rant> Don't laugh, I live in this environment. Usually it is some corp written thing which includes a script which has not seen any code review. Admins should have programming skills especially at the higher levels. But remember the job is done by the lowest bidder. Script is run by local admin doing what they were told to do by corp admin. Script munges things that it should not munge. AIDE is a godsend to find these issues and send alert that things are now different. But a --verify would be better because AIDE does not tell me what is wrong, just that things changed. It does not tell me what package(s) need fixing. I would rather have a package verify run nightly in place of the nightly AIDE run. On second thought in addition to it. Fortunately 'apt-get --reinstall install package' usually does the work easily enough to correct the problem. But then the next AIDE run will have lots of noise and I am still not sure if things are really back to the right place as I would be if there were a --verify option. Maybe I should just nightly reinstall the entire system on every host because you just can't be too sure. </rant> > The missing features probably wouldn't be hard to add if somebody wanted > to, though. And very easy for the reverse as well. The md5sum file already exists and could be verified from that. Sounds perfectly suited to a dpkg-verify script. Hmm... Hopefully someone will just tell me this work is already done by a method of which I am not aware. That would be great. > > what is missing is tools and a tradition of best practices. > > Amen. Complete agreement. Bob
Attachment:
pgpG219JrIOGA.pgp
Description: PGP signature