Subject: Re: little hacking project: bulk build checksums
To: None <>
From: Jan Schaumann <>
List: tech-pkg
Date: 01/23/2005 22:46:45
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Jan Schaumann <> wrote:
> I was thinking about doing it as part of the 'upload' script (ie more of
> (b) than (a)), with a knob to pgp sign the final checksum file (which
> would introduce/require interaction).

I've just committed the bits to the upload script to do just that.
Given that it's a trivial addition, I see no harm.  Better to have the
checksum files (even if not many people make use of them) until we have
pkg* tools that actually provide signatures for each package.

Per default, no checksums are created.  If the bulk-building party wants
to create checksums, then they need to set


in the environment (or in BULK_BUILD_CONF).

If they want to sign the checksum files using gpg(1) (which of course
introduces interaction before the actual uploading is done), then they
need to set

in addition.


'I have reached an age where my main purpose is not to receive
messages.' --- Umberto Eco, quoted in the New Yorker

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3 (NetBSD)