-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We had some system problems and groped around a bit to figure out what
was broken.  In the process we stumbled over a curiosity which maybe
someone knows the answer to.  The "rpm --dump -q ..." command can dump
all the file properties for a given package.  Among the properties is
something documented as an md5sum.  This does not appear to be the same
md5sum that the md5sum command gives - except in the case of text files.
 Here is an example:

$ rpm --dump -q bash | grep ^/bin/bash\
/bin/bash 741384 1155510881 d9fc37e72601d7f756dee6c7f2f70dcd 0100755
root root 0 0 0 X
$ md5sum /bin/bash
234de4be15eeba794e5cb4f0996e6156  /bin/bash
$ rpm --verify bash
$

At first I thought I had been hacked but it is consistent across several
systems and even the md5sum for (take this example /bin/bash) the files
appears to vary from system to system.  Is there an acl issue here?  If
this is it how do you tell md5sum to ignore the extra file data?  I know
that rpm is consistent in that a change in the file will lead to a "5"
in the verify.  Anyone have a clue as to why this would be or how to
construct an equivalent sum?
- --
Robert E. Blair, Room E277, Building 362
Argonne National Laboratory (High Energy Physics Division)
9700 South Cass Avenue, Argonne, IL 60439, USA
Phone: (630)-252-7545  FAX: (630)-252-5782
GnuPG Public Key: http://www.hep.anl.gov/reb/key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFFgWRfCDBz0lN+7YcRAs0FAKCXbfJKt6/MW2jC3bGf6j1nDc1wAwCgpSC6
NELTxuqMaoqdO7RzDdeuUrw=
=IWZV
-----END PGP SIGNATURE-----