(Apologies if this is a dup, I searched and didn't find anything, but my bugzilla-fu is weak.)

RPM will attempt to install truncated (and probably otherwise damaged) packages and then fail in a non-safe manner.

In the following (real) example, kernel-debuginfo-2.6.13-1.1526_FC4.x86_64.rpm was truncated, RPM attempted the install anyway, it failed, and it left files from the package on the filesystem but failed to include the package in the RPM database.

Ideally, RPM would check the validity of all headers, verify that the transaction is possible, check the validity of the whole packages, and then run the transaction.

---
[root@entropy packages]# rpm -Fvh kernel-*2.6.13*
Preparing... ########################################### [100%]
1:kernel-smp-devel ########################################### [ 33%]
2:kernel-debuginfo ########################################### [ 67%]
error: unpacking of archive failed on file /usr/lib/debug/lib/modules/2.6.13-1.1526_FC4smp/kernel/drivers/net/skfp/skfp.ko.debug;433ce471: cpio: read
3:kernel-smp ########################################### [100%]
[root@entropy packages]# rpm -q kernel-debuginfo
kernel-debuginfo-2.6.12-1.1447_FC4
kernel-debuginfo-2.6.12-1.1456_FC4.njm
[root@entropy packages]# rpm -q kernel-smp
kernel-smp-2.6.13-1.1526_FC4
[root@entropy packages]# cd /usr/lib/debug/lib/modules/
[root@entropy modules]# ls
2.6.12-1.1447_FC4 2.6.12-1.1456_FC4.njmsmp 2.6.13-1.1526_FC4smp 2.6.12-1.1447_FC4smp 2.6.13-1.1526_FC4
rpm will check the header+payload md5 sum if configured to do so; configuration is even mode specific, so that install/erase/freshen checks but query does not. rpm -K *.rpm will always check the header+payload md5 any time you want as well.
This should be on by default for all modes that deal with .rpm files.
There is no way to simultaneously please users who wish fast and users who wish safe in one default configuration. Configure rpm to your needs.
By default, RPM should be configured for "safe", not "it's fast, but it'll randomly break your system."
That's your opinion. Other opinions are possible. No matter what, there can be only one default configuration.
The default configuration is wrong. It should not be possible for a system administrator to damage the system just by attempting a package install. And as much as it's nice for volunteers to help out with Fedora bug triage, I'd really appreciate it if you'd stop messing with this bug until an actual Red Hat employee and/or RPM developer gets involved.
I am the maintainer of rpm. It's not going to be fixed in upstream rpm. Period. But feel free to shop an answer from Red Hat. Have fun!
NEEDINFO_ENG for Red Hat answer shopping ...
I just stumbled on this too; I must agree with Nicholas Miell that a fast-and-flaky default seems like an unusually bad idea. That said, I don't blame the rpm-maintainer since the functionality is there but not used...
NEEDINFO_ENG has been deprecated in favor of NEEDINFO or ASSIGNED. Changing status to ASSIGNED for ENG review.
Verifying header+payload contents using a md5 digest when reading a package is a configurable option in rpm using rpmtsVSFlags() through rpmReadPackageFile(). So the setting is application and site specific. The default value of the behavior is off because the additional benefit of detecting an occasional faulty download is less than the additional cost of computing the digest. The choice of default is consistent with current applications that use rpmlib. Change the application behavior, and I'll change rpm's default setting.
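
Added example, not part of the thread and not rpm's own code: a stand-alone pre-flight check of the header+payload size and md5 discussed above, which catches a truncated package before any transaction starts. It assumes the package carries the legacy SIZE (1000) and MD5 (1004) signature-header tags; `check_rpm` and `build_sample` are hypothetical names, and the sample image is constructed, not a real package.

```python
import hashlib
import struct

LEAD_LEN, LEAD_MAGIC = 96, b"\xed\xab\xee\xdb"
HDR_MAGIC = b"\x8e\xad\xe8\x01"
SIGTAG_SIZE, SIGTAG_MD5 = 1000, 1004  # signature tags: header+payload length, MD5


def check_rpm(data: bytes) -> str:
    """Return 'ok', or the reason this package image should not be installed."""
    if data[:4] != LEAD_MAGIC or data[LEAD_LEN:LEAD_LEN + 4] != HDR_MAGIC:
        return "not an rpm package"
    if len(data) < LEAD_LEN + 16:
        return "truncated signature header"
    nindex, hsize = struct.unpack(">II", data[LEAD_LEN + 8:LEAD_LEN + 16])
    index_at = LEAD_LEN + 16
    store_at = index_at + 16 * nindex
    if store_at + hsize > len(data):
        return "truncated signature header"
    store = data[store_at:store_at + hsize]
    tags = {}
    for i in range(nindex):  # index entry: tag, type, offset into store, count
        tag, _type, off, _count = struct.unpack_from(">IIII", data, index_at + 16 * i)
        tags[tag] = off
    body = data[store_at + hsize + (-hsize % 8):]  # signature is padded to 8 bytes
    md5 = store[tags[SIGTAG_MD5]:][:16] if SIGTAG_MD5 in tags else b""
    if len(md5) != 16:
        return "no md5 digest to check"
    if SIGTAG_SIZE in tags and len(store) >= tags[SIGTAG_SIZE] + 4:
        (want,) = struct.unpack_from(">I", store, tags[SIGTAG_SIZE])
        if want != len(body):
            return f"size mismatch: expected {want}, got {len(body)}"
    if hashlib.md5(body).digest() != md5:
        return "md5 mismatch"
    return "ok"


def build_sample(body: bytes) -> bytes:
    """Constructed image: lead + signature header (SIZE, MD5 tags) + body."""
    store = struct.pack(">I", len(body)) + hashlib.md5(body).digest()
    index = struct.pack(">8I", SIGTAG_SIZE, 4, 0, 1, SIGTAG_MD5, 7, 4, 16)
    sig = HDR_MAGIC + b"\0" * 4 + struct.pack(">II", 2, len(store)) + index + store
    return LEAD_MAGIC + b"\0" * (LEAD_LEN - 4) + sig + b"\0" * (-len(store) % 8) + body


if __name__ == "__main__":
    good = build_sample(HDR_MAGIC + b"constructed header and payload bytes" * 8)
    for name, image in (("intact", good), ("truncated", good[:-100])):
        print(name, "->", check_rpm(image))
```

Running every package through such a check and starting the transaction only when all return "ok" gives the ordering the report asks for; the md5 here detects accidental damage, not deliberate tampering.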