<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 22, 2014 at 2:01 PM, Kyle Sammons <span dir="ltr"><<a href="mailto:ksammons@macports.org" target="_blank">ksammons@macports.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">There are some more unusual ways that people manage to break their<br>
systems, like replacing executables (sed, tar, etc...) in /usr/bin with<br>
incompatible versions (or just deleting them). I'm not sure if you want<br>
to go down that rabbit hole, but if you can find a general way of<br>
checking that won't break when OS updates change the files, that'd be great.<br>
<br>
</blockquote></div>
Hmm. I'm not entirely sure how that would work, or even if it would work, but I'll definitely keep it in mind.<br></blockquote></div><br>There are BOM files for OS packages that can be used to verify the standard contents of /usr/bin; this is what Disk Utility's check permissions functionality uses, and if it's not available directly via pkgutil then you can at least use it to find the BOM files and then validate the current paths against them.<br clear="all">
<div><br></div>-- <br><div dir="ltr"><div>brandon s allbery kf8nh sine nomine associates</div><div><a href="mailto:allbery.b@gmail.com" target="_blank">allbery.b@gmail.com</a> <a href="mailto:ballbery@sinenomine.net" target="_blank">ballbery@sinenomine.net</a></div>
<div>unix, openafs, kerberos, infrastructure, xmonad <a href="http://sinenomine.net" target="_blank">http://sinenomine.net</a></div></div>
</div></div>