Hi Sebastian, > I had some trouble with the copy of /usr/src I fetched > and so I had to refetch it. But now I'm not sure if I included > all patches (even I've e.g. no em-Device
I'm not quite sure what you are talking about - neither on http://www.openbsd.org/errata37.html nor on http://www.openbsd.org/errata36.html i'm aware of any reference to em(4). > (Btw: why are just critical patches listed?)). The patch branch is a good choice if you want to maintain a system to be as stable as possible. You do not want to have anything patched in there unless it is critical. On top of that, developers prefer improving current code over patching old code unless there are really good reasons to patch. We should not discourage that kind of lazyness. > I guess there's no "system" to identify if somebody applied > a patch or if he/she dosn't [...] Er, well, what about reading the patch itself and looking at one of the files referenced? That way, you will find out very quickly whether the patch was applied or not. In case you fear that somebody (possibly you?) screwed up something below /usr/src, you could check using the -ctime option of find(1). That will work very well unless you have shot yourself into your own foot abusing touch(1). But when you are really worried that the copy of /usr/src you are using for your patch branch might be damaged, you should probably just mv(1) /usr/src out of the way and install a clean copy from you CDROM, then apply once more all the patches from http://www.openbsd.org/errata??.html > The ports-tree uses checksums to check the integrety of a port. As far as i know, no, that's not what it does. The ports system uses checksums to check the integrity of third-party distribution files. You download those from third-party ftp servers which might be compromised. If you damage _random_ files below /usr/ports, checksums won't rescue you, as far as i know. > So why can't a script include all Checksums for e.g. patches? I think that won't lead you anywhere. As long as you use the patch branch, the number of patches is small, so you can (and should) look at each individual patch anyway, just before you apply it. Thus, automation is no issue in the first place. If, by contrast, you are running -current, many things are bound to change many times. In that case, checksums won't lead to anything but bogus error messages and quite probably a maintenance nightmare. My overall impression is that you are playing around with things you would better leave alone, at least if you are trying to set up a stable system. > it could be fixed easily (I think). Helping you would be easier if you explained more clearly what you are trying to accomplish and why you are patching so much that you lose track of what you are doing. Why won't just getting /usr/src from your CRDOM and applying all the (two) patches by hand work for you? Yours Ingo