On Nov 5, 2005, at 11:28 PM, Chris Dolan wrote:
On Nov 5, 2005, at 5:45 PM, Alexander K. Hansen wrote:A problem opposite to the one that you mentioned also occurs: building on different machines with different packages that solve the same virtual dependency (e.g. Xorg vs. Apple's X11) will generally result in more than one MD5 for the same package.
Also, many .debs can be built with different versions of a dependency. This gives the binaries different results for 'otool -L', and different MD5's. I think prebinding also plays some games with libs that can cause MD5's to differ, not sure if this is still relevant though. I wouldn't be surprised if some packages include a date in the build, as well, which would make MD5's differ too.
Anyhow, the point is that comparing MD5's, while a cool idea, is unlikely to work.
Hmm... Then, wouldn't that be a problem for bindist in general?
The bindist only needs a single, correct .deb per package. Many of the things that could make a MD5 differ aren't really problems, any of the individual .debs with different MD5's could replace each other.
In some cases, like xorg/x11 and foo/foo-ssl, there are actual compatibility issues introduced. The solution to this is to build with the *least restrictive* packages. Eg: Build with x11 installed rather than xorg, since that package will work with either. This is something that buildfink will need to be taught before we use it to make the bindist.
Dave
PGP.sig
Description: This is a digitally signed message part
