Date: Wed, 15 Nov 2006 21:05:10 +0100 From: Erwin Lansing <erwin@FreeBSD.org> To: Mikhail Teterin <mi@aldan.algebra.com> Cc: freebsd-bugs@freebsd.org, Parv <parv@pair.com> Subject: Re: bin/34628: [pkg_install] [patch] pkg-routines ignore the recorded md5 checksums Message-ID: <20061115200509.GY69151@droso.net> In-Reply-To: <200611151410.52964.mi@aldan.algebra.com> References: <200611142154.kAELsKN4007777@freefall.freebsd.org> <200611141703.38311.mi%2Bmx@aldan.algebra.com> <20061115182320.GF69151@droso.net> <200611151410.52964.mi@aldan.algebra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--GCRJOSQGwEYxR+j1 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 15, 2006 at 02:10:52PM -0500, Mikhail Teterin wrote: > ?????? 15 ???????? 2006 13:23 ?? ????????: > > > That's a surprisingly naive way of thinking... The CONFLICTS > > > functionality is broken on occasion in bsd.port.mk, and not every port > > > sets it anyway... >=20 > > If CONFLICTS is broken, CONFLICTS should be fixed, not pkg_info. If some > > ports don't set it, they should be fixed, not pkg_info. >=20 > People should never get sick -- we don't need doctors. Programs should be= =20 > bug-free, we don't need debuggers... >=20 > But 'pkg_info -W' ALREADY detects the situation, which is never supposed = to=20 > happen -- when multiple packages claim the file. According to both you an= d=20 > sobomax, this functionality should be ripped out. I disagree, and my chan= ge=20 > uses the checksums to help the user identify, which of the multiple packa= ges=20 > is the right one. OK >=20 > > > `pkg_info -W' would also be able to warn about checksum mismatches, w= hich > > > would suggest, a file has been modified (or corrupted) since getting > > > installed. > > > > Now, that sounds more like a good idea, although in that case, the code > > should moved outside the code for checking if multiple ports claim the > > same file. >=20 > The change was introduced to allow to determine, which of the multiple po= rts=20 > installed the current version of the file in question. It is trivial to= =20 > modify it to compare the checksum in all cases, at the cost of slightly= =20 > higher overhead (MD5File called always, even if only one port "claims" th= e=20 > file). Or maybe hide it behind an extra option to turn it all for all cases. >=20 > > > Anyway, what is the overhead exactly? > > > > Explained elsewhere in this thread. >=20 > And promptly refuted in a follow-up... Have you missed it? No, that's why I'm not commenting on that here. >=20 > > Note, that my reaction was the same as sobomax' back in 2002 >=20 > Erwin, that so wrong... Sobomax has expressed doubt and asked a bogus=20 > question. You should also note, that FIVE MONTHS passed between my submit= ting=20 > the PR (and assigning it to Maxim -- March 2002) and his expressing "the= =20 > doubt" (August 2002).=20 Sobomax' question is not bogus, it's the same one I asked you. You should have explained it to him instead of just ignoring him and trying to get someone else to commit it for you. >=20 > Considering, that he saw the patch and the discussion of it in February= =20 > (2002) -- and requested I do the PR (a quote from his request is in the= =20 > trace), his entire participation in the matter should be discounted... >=20 > At the time JKH was still with us, and since he has expressed interest in= the=20 > functionality, I simply transfered the PR to him. >=20 > > and you then refused to give more information. >=20 > ???? Please, quote a request for "more information", that you accuse me= =20 > of "refusing" to honor? Read the audit-trail. >=20 > > As you haven't shown any interest in this PR since, I gathered you were= no > > longer interested and I closed it. >=20 > Erwin, this is completely bizarre. So, not only does one have to describe= a=20 > problem and offer a solution, one also needs to continuously "show intere= st",=20 > or else the problem will be deemed non-existant? >=20 > > If you are willing to work on this, it would be great though. >=20 > What ELSE can I do? I described the problem. I proposed a (fairly elegant= ,=20 > IMHO) solution. I've been using that solution myself for the last 4 years= =2E=20 > You think, I need to do something else? >=20 > Could one of you, please, just try the freaking patch for themselves, ins= tead=20 > of trying to guess, what it does and does not do? Like Maxim in 2002, Par= v=20 > just exhibited serious misunderstanding of the proposed change... It must= be=20 > my failure to describe it, of course (who else can be to blame?), but I a= m at=20 > a loss, at how to do it better... It addresses a non-trivial use-case and= =20 > requires a little bit more of attention span, than has so far been grante= d to=20 > it by various people quick to render their dismissing judgements... >=20 Did you actually try to read my mail, or did you just assume that the whole world is against you? Please reread my mail as constructive comments on a 4 year old patch instead of being paranoid. Now, can be get back to the code? -erwin --=20 Erwin Lansing http://droso.org Security is like an onion. (o_ _o) It's made up of several layers \\\_\ /_/// And it makes you cry. <____) (____> erwin@lansing.dk --GCRJOSQGwEYxR+j1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFW3L1qy9aWxUlaZARAmsjAJ0f9NzynfzTEgkPCAcZZGVoBhp+TQCg7woq t+ZwToYZWmsAxQL+V0bqaw8= =o4fa -----END PGP SIGNATURE----- --GCRJOSQGwEYxR+j1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061115200509.GY69151>