NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/52512: Duplicate files prevent veriexecctl from loading signature file
The following reply was made to PR bin/52512; it has been noted by GNATS.
From: Paul Goyette <paul%whooppee.com@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc:
Subject: Re: bin/52512: Duplicate files prevent veriexecctl from loading
signature file
Date: Tue, 29 Aug 2017 09:15:34 +0800 (+08)
> Files which appear as more than one name prevent veriexecctl from
> loading a signature database successfully as the hash for one of the
> named files would have already been loaded, such as:
> veriexecctl: Cannot load params from `/usr/pkg/bin/perl5.26.0': File exists
> This results in veriexecctl reporting that it cannot load /etc/signatures
> for example.
This problem appears on a simple base system. Just generate a new
signature file using
veriexecgen -d /bin
and then try to load it using
veriexecctl load /etc/signatures
Since cpio, pax, and tar are really all the same image, pax and tar will
report EEXIST; similarly for [ and test.
It is unclear whether we should modify veriexecctl to not set the error
for EEXIST, or if we should modify veriexecgen to not generate multiple
entries (with different names) for the same file. (It seems to me
unreasonable to expect the user to remove the duplicates.)
Home |
Main Index |
Thread Index |
Old Index