[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora Updates: whole packages vs patches



On Thursday 09 December 2004 12:36 pm, Rich Burroughs wrote:
> Jorge Fábregas wrote:
> > 1- create an rpm with just that file (thus...it will be a patch rpm).
> > size 1K
>
> Then the md5sums that RPM uses to check the integrity of the files would
> be broken for the initial package. It's not perfect, but rpm -V is a
> nice quick and dirty way to check if files have been altered or trojaned.
>
> In the case of a patch RPM like you mention, you'd then have to also
> check the sums for the patch, and compare that to the list of files in
> the original, to make sure that the ones in the original package that
> had been changed were all the same files in the patch. It would be
> pretty messy.
>
>
> Rich

RPM Could be made "patch aware", so when you do an "rpm -V foo1", it would 
know that patch foo1-patch1 was applied, and do the right thing.  This would 
possible entail a new RPM header construct, which declares a package as a 
patch, withe dependencies on the base (or prior patch).

Another problem though, is recreating the base if you remove the patch.  So 
say you install the base: "rpm -Uvh foo1".  Then apply the patch: "rpm -Uvh 
foo1-patch1".  This over writes the original libfoo with the new one.  What 
happens if you try to remove foo1-patch1?  RPM could refuse, because doing so 
would delete libfoo, leaving a broken package.  It could have maybe 
squirreled the original away, then put it back.  Or maybe request the 
location of the original package, and restore the needed parts from there.

Not insurmountable problems; but not as simple as just shipping patches 
either.

 --rick


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]