On Jan 26, 2008, at 1:47 PM, Ralf S. Engelschall wrote:

> On Sat, Jan 26, 2008, Jeff Johnson wrote:
>
>> Perhaps
>> 	Requires: verify(N) = E:V-R
>> will simplify some of your OpenPKG framework hardening.
>>
>> Easy way to exercise the verify(...) probe is
>>     mkdir -p /etc/rpm/sysinfo
>>     echo "verify(zlib)" >> /etc/rpm/sysinfo/Requirename
>>
>> Return code is goofy atm, the I/O spew while checking dependencies
>> will need some fiddling, and there are some obvious  
>> generalizations to
>>     Requires: verify(*)		# same as -Va
>>     Requires: verify(/path)	# same as -Vf path
>> and a few extensions that I can think of, I'm sure you can think  
>> of some
>> uses too.
>
> Interesting. But what happens on "verify(foo)" if a %config file of
> package "foo" is modified. It is already causing "verify(foo)" to  
> fail?
> In on short: when in particular does "verify(foo)" fail and when  
> does it
> succeed?

You can guess: logical assertions are quite painful when inconsistent.

FWIW, that's what the "hint" in Requires(hint): is yo be used for: a  
logical DUNNO or MAYBE condition.

I've not tricked up any syntax for "hint" in /etc/rpm/sysinfo/*  
because YAML,
not flat files, is my eventual goal.

73 de Jeff