Add a way to prevent inconsistencies between repackaged and official packages
repkg will be used to create custom repositories that contain alternative versions of official packages. It is important that they remain in sync, to avoid versioning issues (e.g. if glibc
and everything depending on it is updated in the official repos, but the "fixed" repository still contains an older glibc version).
There should thus be a way to compare the version of each repackaged package in one repository with its official counterpart, to make sure there are no inconsistencies. To avoid being bitten by TOCTOU, I believe we require something like this:
- Run a
-y
/--refresh
to an intermediate location (likecheckupdates
); - Check that there are no version inconsistencies;
- Replace the system-wide sync-databases in
/var/lib/pacman/sync
with the intermediate one.
Essentially, this is a "checkupdates on steroids" or "safe -Sy". I'm not sure if there is already a tool for this, though, so instead of reinventing the wheel by writing a script for this, we should first check for available tools.