Thanks for the helpful info, one and all! Especially Greg for those tools.
Unfortunately, I seem to have trouble with a couple older monolithic images still in use. (Yes, I'm trying to revamp imaging here, but it's a slooow work in progress...)
When Greg's 'checkPackageSignatures' scans my repository, it does throw those BSD.pkg errors similar to
Could not open package: /private/tmp/dmg.fhUwhJ/Library/Receipts/BSD.pkg
For most, I know I can ignore that. But for some older monolithic images still in use, in addition to the BSD.pkg error above, I still get various "Package X signed by a cert that has since expired" messages as well.
So... this doesn't make sense to me. But pushing one of those images via Casper results in a machine that kernel panics every time I try to boot (plus 2+ hours to finish imaging). Any ideas? Running the flatpkgfixer script on the image throws errors too.
Is anyone else having trouble imaging with existing OS images build with "bad" packages? As I said, it doesn't make sense to me, so if anyone can explain I'll appreciate it! This is a monolithic image built on one machine and uploaded to Casper. It's big (read 100gb) but has worked fine enough so far. No one has imaged with it since before the Package Apocalypse until I tested it this week.
If we do need to rebuild these from scratch, it'll be a good excuse to move to a more modular style...