> On the otherhand, I'm really interested in the new proposal because
> I want to be able to reinstall an old package that I've broken, or a
> newer version of the egcs package or do sane upgrades, ...

Yes. Even though I understand the circumstances that dictate how the sysinst
Upgrade option is currently implemented, I fear it. I cannot trust it.

But I could certainly trust something that these new proposals would make
possible.

> Also, anyone give thought to making the md5's a first class citizen of
> packages so I can ask pkg_info to verify the installed base against
> the official md5's in the package (ala FreeBSD mtree).

Major drool. Anyone familiar with the classic "sh*t happens, it looks like
you need to reinstall your system" phenomenon on Mac's and WinBlows should
demand this ability once they realize that it is technically feasible.

There does need to be a way to manage legitimate tweeks like editing config
files and such, so you don't panic if something inconsequential is changed.

But you know, this sort of analysis is one core component of a good virus
protection system. In fact, I'd be in favor of a cron job that notified me
when any of my packages were modified by someone other than the install
system. (Unless it already exists, in which case I expect to be promptly
embarrassed.)

Todd Whitesel
toddpw @ best.com