[Popcon-developers] Why isn't all files in a package checked?
Avery Pennarun
apenwarr@nit.ca
Wed, 6 Jul 2005 15:59:33 -0400
On Wed, Jul 06, 2005 at 09:40:51PM +0200, Petter Reinholdtsen wrote:
> In popcon, there is code to loop over all installed packages, then
> loop over all files in the package, and finally check the access time
> of all files with names matching this regex:
>
> m{/bin/|/sbin/|^/usr/games/|\.[ah]$|\.pm$}
>
> But I fail to find any rationale in the package why only those files
> are checked. Anyone know more? I saw in bug #270514 an hypothesis
> that it was to avoid false positives, and I personally have a
> hypothesis that it is to speed up the processing time by not doing
> stat() on all files in the system.
There are several reasons not to do all files on the whole system. An
obvious reason is, like you say, stat() on all files on the whole system is
very slow.
Also, libraries (*.so.*) are all opened every time someone does ldconfig,
even if they haven't changed. (This is really a shame, since it means we
can't ever reasonbly detect whether a library package is needed.)
Files in /usr/share/doc or /usr/share/man might be randomly opened by
documentation-indexing software.
Files in /etc might be opened by nightly config-backup scripts.
And so on. There really isn't much to go by other than actual executables
and a very small number of other "probably safe" files (*.a, *.pm, *.h).
Have fun,
Avery