pld-ftp-admin: bin/pfa-checksign (NEW)=?UTF-8?Q?=20?=- simple tool to verify if packages ...

baggins baggins at pld-linux.org
Fri Jul 20 13:20:24 CEST 2012


Author: baggins                      Date: Fri Jul 20 11:20:24 2012 GMT
Module: pld-ftp-admin                 Tag: HEAD
---- Log message:
- simple tool to verify if packages are signed

---- Files affected:
pld-ftp-admin/bin:
   pfa-checksign (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: pld-ftp-admin/bin/pfa-checksign
diff -u /dev/null pld-ftp-admin/bin/pfa-checksign:1.1
--- /dev/null	Fri Jul 20 13:20:24 2012
+++ pld-ftp-admin/bin/pfa-checksign	Fri Jul 20 13:20:19 2012
@@ -0,0 +1,76 @@
+#!/usr/bin/env python
+# vi: encoding=utf-8 ts=8 sts=4 sw=4 et
+
+import sys, os
+import getopt
+sys.path.insert(0, os.environ['HOME']+'/pld-ftp-admin/modules')
+import ftptree
+import getpass
+from common import checkdir
+import ftpio
+from config import sign_key
+from sign import is_signed, signpkgs
+
+try:
+    opts, args = getopt.getopt(sys.argv[1:], '')
+except getopt.GetoptError:
+    print >>sys.stderr, "ERR: options error"
+    print >>sys.stderr, "checksign.py tree package1 [package2...]"
+    sys.exit(1)
+
+if len(args) < 1:
+    print >>sys.stderr, "ERR: missing tree name"
+    print >>sys.stderr, "checksign.py tree package1 [package2...]"
+    sys.exit(1)
+
+if sign_key == None:
+    print >>sys.stderr, "ERR: sign_key not defined in config"
+    sys.exit(1)
+
+treename = args[0]
+packages = args[1:]
+
+checkdir(treename)
+
+ftpio.connect('sign')
+
+if not ftpio.lock(treename, True):
+    print >>sys.stderr, "ERR: %s tree already locked" % treename
+    sys.exit(1)
+
+files = []
+try:
+    if len(packages) < 1:
+        loadall = True
+    else:
+        loadall = False
+
+    # if no files specified, grab whole tree contents
+    tree = ftptree.FtpTree(treename, loadall = loadall)
+    if loadall:
+        # this is hack, should be a param, not access private .loadedpkgs element
+        tree.mark4moving(tree.loadedpkgs)
+    else:
+        tree.mark4moving(packages)
+
+except ftptree.SomeError:
+    # In case of problems we need to unlock the tree before exiting
+    ftpio.unlock(treename)
+    sys.exit(1)
+
+ftpio.unlock(treename)
+
+print "Checking signatures of %d packages" % len(tree.loadedpkgs)
+sign = []
+for pkg in tree.marked4moving:
+    unsigned = 0
+    for file in pkg.rpmfiles():
+        if not is_signed(file):
+            unsigned += 1
+
+    if unsigned != 0:
+        print '%s: %d files NOT signed' % (pkg.nvr, unsigned)
+    else:
+        print '%s signed' % pkg.nvr
+
+sys.exit(0)
================================================================


More information about the pld-cvs-commit mailing list