Hello Paul,

On Wed, Jul 23, 2008 at 02:25:05PM +0800, Paul Wise wrote:
> I'd like cruft to have a disabled-by-default weekly cron job that does
> something similar to the debsecan security report; a cruft report,
> delivered weekly detailing new cruft, removed cruft, changed cruft and
> unchanged cruft. The changed/unchanged cruft could be differentiated by
> taking the md5sum and the filesystem metadata of the cruft and comparing
> them. The cron job should ignore /srv, /home and /root at least and
> maybe /tmp and /var/tmp. This would be incredibly useful for finding
> postrm, postinst and other bugs. Some whitelist mechanism would probably
> be needed for cruft that is long-lived due to bugs or FHS violations in
> Debian packages.

I think such a feature would be useful, although it's not high priority
for me, at least for now. I try to work towards making cruft not report
false-positives, rather than create tools for sifting through them.

Having said that, I would be glad to accept patches. A possible
implementation would be to have an option for cruft, which would change
its last stage of operation (report generation). Instead of merging and
indenting the result files, it should go through them and stat+md5sum
the files to be reported, and print out all that information. Then
another utility could diff that with the status from last week and
perhaps further process it before returning to the user. Obvious hurdles
include:
 - non-plain-file (including missing files) would require special
   treatment, because e.g. it's difficult to md5sum a directory
 - care should be taken for race conditions (file existed on the initial
   scan, but disappeared by the time we got to statting it)

regards,
-- 
Marcin Owsiany <[EMAIL PROTECTED]>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216
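
The stat+md5sum snapshot and week-over-week diff outlined in the reply above, as an added Python sketch that is not part of the original message or of cruft itself. The names describe, snapshot, compare and demo and the record layout are hypothetical; the files in demo are constructed sample data.

```python
import hashlib, os, stat, tempfile

def describe(path):
    """Record for one reported path; None if it vanished or changed type mid-scan."""
    try:
        st = os.lstat(path)  # lstat: describe a symlink itself, never its target
        rec = {"type": stat.S_IFMT(st.st_mode), "mode": stat.S_IMODE(st.st_mode),
               "uid": st.st_uid, "gid": st.st_gid}
        if stat.S_ISREG(st.st_mode):
            rec.update(size=st.st_size, mtime=st.st_mtime_ns)
            digest = hashlib.md5()  # md5 as in the thread: change detection only
            # O_NOFOLLOW: fail instead of following a symlink swapped in after lstat
            with os.fdopen(os.open(path, os.O_RDONLY | os.O_NOFOLLOW), "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    digest.update(chunk)
            rec["md5"] = digest.hexdigest()
        elif stat.S_ISLNK(st.st_mode):
            rec["target"] = os.readlink(path)
        return rec  # directories, devices, FIFOs: metadata only, no digest
    except OSError:  # race: the path went away or was replaced between steps
        return None

def snapshot(paths):
    """Map each path that still exists to its record; vanished paths are dropped."""
    return {p: r for p in paths if (r := describe(p)) is not None}

def compare(old, new):
    """Sort every path seen in either snapshot into one of the four report classes."""
    report = {"new": [], "removed": [], "changed": [], "unchanged": []}
    for p in sorted(old.keys() | new.keys()):
        kind = ("new" if p not in old else "removed" if p not in new
                else "changed" if old[p] != new[p] else "unchanged")
        report[kind].append(p)
    return report

def demo():
    """Constructed example: two snapshots of a temporary tree, one week apart."""
    with tempfile.TemporaryDirectory() as d:
        names = ["keep.conf", "edit.log", "gone.pid", "cache", "never-existed"]
        for n in names[:3]:
            with open(os.path.join(d, n), "w") as f:
                f.write(n)
        os.mkdir(os.path.join(d, "cache"))
        last_week = snapshot([os.path.join(d, n) for n in names])
        with open(os.path.join(d, "edit.log"), "a") as f:
            f.write("more")
        os.remove(os.path.join(d, "gone.pid"))
        os.symlink("keep.conf", os.path.join(d, "link"))
        this_week = snapshot([os.path.join(d, n) for n in names + ["link"]])
        rep = compare(last_week, this_week)
        return {k: [os.path.basename(p) for p in v] for k, v in rep.items()}
```

A real report would persist each snapshot (for example as JSON) between runs and feed in the path list from cruft's result files.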


