On 2020-06-16, Jeremy O'Brien <neut...@fastmail.com> wrote:
> On Tue, Jun 16, 2020, at 17:19, Daniel Jakots wrote:
>> I think if I wanted to compare packages between a machine of mine and a
>> mirror, I would compare the quirks package signature timestamps. On
>> your machine you can find it with
>> $ grep digital-signature /var/db/pkg/quirks*/+CONTENTS
>> and on the mirror, you need to fetch the quirks-XXX.tgz (I guess you
>> can find the XXX with the index.txt) and then look for the +CONTENTS
>> file.
I have this which I use sometimes.
#!/bin/sh
old=`pkg_info -f quirks | sed -En '/@digital-sig/
s/(.*signify2:|:external)//gp'`
new=`PKG_DBDIR=/var/empty pkg_info -f quirks | sed -En '/@digital-sig/
s/(.*signify2:|:external)//gp'`
if [[ $old == $new ]]; then
echo "Already up-to-date: $old"
else
echo "Updating: $old -> $new"
pkg_add -u
fi
> I'm not sure I'm following. What helpful information does this convey,
> exactly? It's my understanding that the quirks package specifies mainly
> package obsolescence and stem-changes.
It's a quick way to check if a new package build is available.
But it does rely on you not installing new packages without doing
a pkg_add -u (because that will cause the local quirks package
to be updated).
....
> As I understand it, the pkgtools detect same-version rebuilds by
> downloading enough of every installed package tgz to check the metadata
> contained within to determine if an upgrade is needed.
Every package is rebuilt in *every* ports build so it's not so much
detecting whether there was a same-version rebuild, but whether you
need to install it.
> If anyone knows
> of an alternative way to determine when a same-version package install
> is required, I would love to know of it.
That is the only way to check. The packing list at the start of each
package includes the information about library versions it was built
against (this is called the "signature" - unrelated to crypto
signature - see it with pkg_info -S $somepkg). This is needed to
decide whether you need to update that package.
