--HlL+5n6rz5pIUxbD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

It recently occurred to me that since we have the checksum of all files
in a given package already recorded, it would be simple to write a small
program that could verify the integrity of all files, as some sort of
'tripwire'-like IDS for all your packages.

So I went ahead and did just that as an exercise in writing awk (which I
do too rarely anyway).  The result is called 'pkg_ids' and can be
downloaded from http://www.netmeister.org/apps/pkg_ids-0.1.tar.gz

Obviously, checksumming all files installed via pkgsrc is very expensive
-- I ran this on a machine where I have over 1050 packages installed,
and it took about 30 minutes to complete.

If somebody else is interested in this program, please give it a spin
and let me know any problems or suggestions.  If others think that this
might be useful, then I'd consider adding this to the audit-packages
package.

Thanks,
-Jan

--=20
   It's psychosomatic. You need a lobotomy. I'll get a saw.
		  -- Calvin

--HlL+5n6rz5pIUxbD
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFCbBIGfFtkr68iakwRAlDAAKDHbRc2RiyTEieXYBG5GmKfQr/llACfYVeK
i2q/Vvv3Bx/T5sQewrTYd8U=
=Z7K0
-----END PGP SIGNATURE-----

--HlL+5n6rz5pIUxbD--