*.py packaging, again

Jeff Johnson n3npq at mac.com
Thu Jul 14 18:15:31 CEST 2011 

On Jul 14, 2011, at 11:10 AM, Tomasz Pala wrote:

> On Thu, Jul 14, 2011 at 17:04:02 +0200, Tomasz Pala wrote:
> 
>>>> *  I had an idea once upon a time to verify content of repackaged files
>>>>  against original digest, I really miss this feature in rpm (rpm -Vp
>>>>  verifies package against filesystem not internal cpio).
>>> 
>>> Remove the RPMTAG_REMOVETID poisoning and repackaging (for most packages)
>>> becomes an exact inverse and file digests can then be verified just
>>> like any other package.
>> 
>> By rpm binary? How?
> 
> For example, I got original file (currently installed):
> 
> ~:  rpm -Kvv iceweasel-3.6.17-1.i686.rpm 
> D: Expected size:      6683934 = lead(96)+sigs(920)+pad(0)+data(6682918)
> D:   Actual size:      6683934
> iceweasel-3.6.17-1.i686.rpm:
>    Header SHA1 digest: OK (b0509c227544d3d4860b484e8afde6eec28a051b)
>    MD5 digest: OK (a92e0a2dc52504d42959bb67741596f7)
> 
> ~:  rpm -Vp iceweasel-3.6.17-1.i686.rpm 
> Unsatisfied dependencies for iceweasel-3.6.17-1.i686:
>        Requires: libhunspell-1.2.so.0
> 
> S.5....T   /usr/bin/iceweasel
> S.5....T   /usr/lib/iceweasel/components/nsLoginManager.js
> S.5....T   /usr/lib/iceweasel/components/storage-Legacy.js
> S.5....T   /usr/lib/iceweasel/components/storage-mozStorage.js
> 
> 
> And I got some previous, repackaged file:
> 
> /var/spool/repackage/1309337365#  rpm -Kvv iceweasel-3.6.13-2.i686.rpm
> D: Expected size:      7452100 = lead(96)+sigs(180)+pad(4)+data(7451820)
> D:   Actual size:      7506959
> iceweasel-3.6.13-2.i686.rpm:
>    Header SHA1 digest: OK (9ad4a3fb6c194ba14c5b85f20e8aa567bbce3764)

This indicates that someone has already removed the poisoning:
	if RPMTAG_REMOVETID were present, then the header SHA1 would fail

>    MD5 digest: BAD Expected(51df700b3bfa11a73df0d1219eae9f97) != (43b884021c55da3d87f9e76f83f5ceb4)
> 

So the operation that needs doing is essentially this

	mkdir -p XXX
	cd XXX
	rpm2cpio iceweasel-3.6.13-2.i686.rpm | cpio -dim
	rpm -Vp --root `pwd` iceweasel-3.6.13-2.i686.rpm

which RPM will not do for you.

Personally I'd rather see RPM chill the shot glasses, pour the vodka, and
serve up peanuts and chips than bother chasing down which file in a repackaged
payload is actually modified. YMMV.

> 
> How can I list files within the latter archive, that were modified
> before repackage (in this case I know they are exactly the same 3 as above).
> 

See above:

Kazdy wypity kieliszek – to gwózdz do naszej trumny… Pijmy wiec tak by trumna sie nie rozpadla.

73 de Jeff
> -- 
> Tomasz Pala <gotar at pld-linux.org>
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en

More information about the pld-devel-en mailing list