feather/contrib/build-deps/verify-packages.sh

37 lines
1,001 B
Bash
Raw Normal View History

2021-06-18 22:06:57 +00:00
#!/usr/bin/env bash
set -e
2021-08-29 18:07:19 +00:00
arch="amd64"
if [ "$(uname -m)" = "aarch64" ]; then
arch="arm64"
fi
2021-06-18 22:06:57 +00:00
cd /deps
for target in bionic bionic-updates bionic-security
do
pushd "$target"
# Verify Releases
gpg --no-default-keyring --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg --verify Release.gpg Release
for repo in main multiverse restricted universe
do
pushd "$repo"
# Verify Packages.xz
2021-08-29 18:07:19 +00:00
sha256=`cat ../Release | grep "$repo/binary-$arch/Packages.xz" | tail -n 1 | awk '{print $1}'`
2021-06-18 22:06:57 +00:00
echo "$sha256 Packages.xz" | sha256sum -c
xz -d -c Packages.xz >> ../../Packages-all
popd
done
popd
done
# Verify individual .deb files
cd /archives
for deb in *.deb; do
file_name=`echo $deb | sed 's/[0-9]*%3a//g'` # --download-only uses this version format sometimes, not sure what that is all about
sha256=`sed -n "/\/${file_name}$"'/{:start /SHA256: /!{N;b start};//p}' /deps/Packages-all | tail -n 1 | awk '{print $2}'`
echo "$sha256 $deb" | sha256sum -c
2021-08-29 18:07:19 +00:00
done