making better use of package checksums

Robert Connolly robert at linuxfromscratch.org
Wed May 30 09:54:43 PDT 2007


Hi. I made this function to check for gpg signatures and checksums each time I 
run tar. Maybe some of you would like it too:

function tar() {
  if [ $1 == "xf" ] || [ $1 == "xvf" ] ; then
    if [ -f ${2} ] ; then
      if [ -f ${2}.sig ] ; then
        gpg --verify ${2}.sig &&
        /bin/tar $1 $2
      elif [ -f ${2}.sign ] ; then
        gpg --verify ${2}.sign &&
        /bin/tar $1 $2
      elif [ -f ${2}.asc ] ; then
        gpg --verify ${2}.asc &&
        /bin/tar $1 $2
      elif [ -f ${2}.md5 ] ; then
        md5sum --check ${2}.md5 &&
        /bin/tar $1 $2
      elif [ -f ${2}.sha1 ] ; then
        sha1sum --check ${2}.sha1 &&
        /bin/tar $1 $2
      elif [ -f ${2}.sha ] ; then
        sha1sum --check ${2}.sha &&
        /bin/tar $1 $2
      fi
    fi
  else
    /bin/tar $1 $2
  fi
}

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-chat/attachments/20070530/52a1fdc4/attachment.sig>


More information about the lfs-chat mailing list