[pacman-dev] pkgsum - Checksum package files against installed files
Hello, once upon a time someone at #archlinux did `make install` and i wanted to know if it overwrote any system files (cause it was not /usr/local he used). so i hacked this little script to checksum files in package against installed files. and today someone even wanted this kind of tool at the channel, and lastly allanmademeposthere :P Usage: pkgsum <packagename> it also reads a lazy VERBOSE variable: 0 (default) = print only results 1 = print also not matching checksums 2 = print also all files if anyone finds bugs, improvements, etc. please fix it! :P cheers .andre ps. i dont think that pkgsum fits as name 100% but for now its sufficient enough for me (tm)
right, as i was typing i kept saying "dont forget the attachment, dont forget the attachment"... next time ill add the attachment first :P
On Fri, Nov 05, 2010 at 03:53:28PM +0100, Andre Osku Schmidt wrote:
right, as i was typing i kept saying "dont forget the attachment, dont forget the attachment"... next time ill add the attachment first :P
May I make 2 suggestions: 1) Use another name than pkgdir as It's used in makepkg. Also use localstatedir instead of hard-coding /var. 2) Use openssl for getting the md5sums.
On Sat, Nov 6, 2010 at 10:06 PM, Nezmer <git@nezmer.info> wrote:
1) Use another name than pkgdir as It's used in makepkg. Also use localstatedir instead of hard-coding /var.
yeah, but how do i find out which global variable names i cant use? (btw. i didn't even think on using this while makepkg runs) should i rather do this as function and use local variables? (i assume $tmpdir is too generic an probably used by someone else too) what is 'localstatedir'? here its not a command nor a variable.
2) Use openssl for getting the md5sums.
why?
On Mon, Nov 08, 2010 at 02:11:52PM +0100, Andre Osku Schmidt wrote:
On Sat, Nov 6, 2010 at 10:06 PM, Nezmer <git@nezmer.info> wrote:
1) Use another name than pkgdir as It's used in makepkg. Also use localstatedir instead of hard-coding /var.
Note: I'm just a user. I'm not an authority here. And what I say is not necessarily accurate.
yeah, but how do i find out which global variable names i cant use? (btw. i didn't even think on using this while makepkg runs)
I suggested this merely to avoid any confusion.
should i rather do this as function and use local variables? (i assume $tmpdir is too generic an probably used by someone else too)
what is 'localstatedir'? here its not a command nor a variable.
If your script is going to be included in the pacman tree. People would expect it to just work no matter what platform/settings they use. localstatedir is a variable like prefix,libdir ...etc localstatedir is '/var' in Arch. But It might be '/usr/local/var' or any other dir elsewhere. Using '@localstatedir@' instead of '/var' in your script should suffice. Of course you would have to add the script to a dir in the pacman tree (maybe contrib) and edit Makefile.am to include your script.
2) Use openssl for getting the md5sums.
why?
* Used in makepkg and repo-add. * Portable (e.g: In FreeBSD the command is md5 not md5sum).
On Fri, 5 Nov 2010 15:48:29 +0100, "Andre \"Osku\" Schmidt" <andre.osku.schmidt@googlemail.com> wrote:
Hello,
once upon a time someone at #archlinux did `make install` and i wanted to know if it overwrote any system files (cause it was not /usr/local he used). so i hacked this little script to checksum files in package against installed files. and today someone even wanted this kind of tool at the channel, and lastly allanmademeposthere :P
Usage: pkgsum <packagename>
I like the idea of having some kind of integrity check for installed packages. Another use case would be checking the file integrity after a crash (especially if you are not using data journaling which is the default) For this to work one would need to check all installed packages and not only one. I also wonder how much space it would take to include all md5sums in e.g. the file lists. Greetings, Pierre -- Pierre Schmitz, https://users.archlinux.de/~pierre
On Sun, Nov 7, 2010 at 2:54 PM, Pierre Schmitz <pierre@archlinux.de> wrote:
For this to work one would need to check all installed packages and not only one. I also wonder how much space it would take to include all md5sums in e.g. the file lists.
$ echo $(( 33 * $(pacman -Ql | grep -v '/$' | wc -l))) 5900862 So 6MB. But it's easy enough to test this for real too. $ du -sk local 23468 local $ du -sk --apparent-size local 13584 local find local/ -name files | while read i; do sed -i 's#\(^[^[:space:]]\+[^ /%]\)$#\1 33c2a4bda46c7cee498bb660084492dd#' $i done $ du -sk local 29016 local $ du -sk --apparent-size local 19327 local Who cares about the size of the local db anyway ?
participants (4)
-
Andre "Osku" Schmidt
-
Nezmer
-
Pierre Schmitz
-
Xavier Chantry