--ikeVEW9yuYc//A+q
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Julio M. Merino Vidal writes:
>=20
> in a recent discussion in tech-pkg@ (don't remember very well which one
> it is), it was suggested that comparing the generated PLIST to the files
> that were really installed by the package could be a good idea.
>=20
> Here is a patch that does this.  For completeness, it also checks that
> no files are deleted (something that must never happen, AFAICT).

I had a similar idea recently. Since I use sepbuild-pkgsrc [1] for my bulk=
=20
builds, I integrated the functionality there. It checks for missing files a=
s=20
well as for extra files (then it removes the extra files). The results of t=
he=20
checks are written in the log directory (located in the directory where you=
=20
invoke sepbuild-pkgsrc) under log/xfiles.

Because of the privilege concept of sepbuild, no package can ever fool this=
=20
check (be it unintentionally or intentionally/maliciously, e.g., through a=
=20
trojaned distfile).

[1] http://plastictree.net/software/sepbuild


--=20
Lasse Kliemann
      private homepage: http://plastictree.net
   NO software patents: http://swpat.ffii.org
do NOT use M$ products: http://plastictree.net/articles/noms

--ikeVEW9yuYc//A+q
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFB6rcz1gObwed86AkRAlAKAKDOOJeAtkfBQAJzW9eF99iq9vqO/QCgtFA0
XaO2yyblfnY3+4JXBr/nLNM=
=2UL6
-----END PGP SIGNATURE-----

--ikeVEW9yuYc//A+q--