[Lars Wirzenius] > It strikes me that if we want to make it policy, having dpkg generate > the checksums upon creating the .deb would be the simplest and best > way to do it.
I'd opt for dpkg generating the checksums upon _extracting_ the .deb file. We already claim that the md5sums file isn't supposed to be any kind of security thing. Why bother to ship it? It is redundant information which can easily be regenerated on the user's system. Russ's mention of packages that alter their installed files in the postinst just seems not worth supporting. Copy a template file instead. -- Peter Samuelson | org-tld!p12n!peter | http://p12n.org/
signature.asc
Description: Digital signature