[arch-dev-public] makepkg.conf settings - Was:[signoff] pacman 3.3.0

Roman Kyrylych roman.kyrylych at gmail.com
Mon Aug 3 05:06:37 EDT 2009


On Mon, Aug 3, 2009 at 10:19, Pierre Schmitz<pierre at archlinux.de> wrote:
> On Monday 03 August 2009 05:36:53, Allan McRae wrote:
>> 1) Arch LDFLAGS:  -Wl,--hash-style=gnu -Wl,--as-needed
>> There are very few problems with --as-needed these days and several
>> other distros are using it too.  You can always do something like
>> export LDFLAGS="" if it fails (much like is done when our CFLAGS cause
>> issues).  The -Wl,--hash-style=gnu will cause us not to have sysv hashes
>> in our packages (we currently patch gcc to have both so building without
>> makepkg will be unaffected).
>
> +1
>
>> 2) Arch integrity check policy.  This is the default checksum produced
>> with "makepkg -g".  Stick with md5sum or go to sha256?  I don't care but
>> md5sum has collisions so maybe sha256 is the way to go.
>
> Afaik md5sum is good enough for download verification. But I don't really care
> as long as we could use both.

I think md5sum collisions are more security-related stuff,
and for security we need signed packages anyway.
When speaking about checking package integrity
- md5sum does its job fine.
So I see no benefit in moving to sha256.

-- 
Roman Kyrylych (Роман Кирилич)

