Re: bin/52512: Duplicate files prevent veriexecctl from loading signature file

[Paul Goyette <paul%whooppee.com@localhost>]

The following reply was made to PR bin/52512; it has been noted by GNATS.

From: Paul Goyette <paul%whooppee.com@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: bin/52512: Duplicate files prevent veriexecctl from loading
 signature file
Date: Tue, 29 Aug 2017 09:15:34 +0800 (+08)

 > Files which appear as more than one name prevent veriexecctl from
 > loading a signature database successfully as the hash for one of the
 > named files would have already been loaded, such as:
 > veriexecctl: Cannot load params from `/usr/pkg/bin/perl5.26.0': File exists
 > This results in veriexecctl reporting that it cannot load /etc/signatures
 > for example.
 
 This problem appears on a simple base system.  Just generate a new 
 signature file using
 
  	veriexecgen -d /bin
 
 and then try to load it using
 
  	veriexecctl load /etc/signatures
 
 Since cpio, pax, and tar are really all the same image, pax and tar will 
 report EEXIST;  similarly for [ and test.
 
 
 It is unclear whether we should modify veriexecctl to not set the error 
 for EEXIST, or if we should modify veriexecgen to not generate multiple 
 entries (with different names) for the same file.  (It seems to me 
 unreasonable to expect the user to remove the duplicates.)