diff options
| author | Jan Rękorajski | 2012-07-20 11:20:19 (GMT) |
|---|---|---|
| committer | Jan Rękorajski | 2012-07-20 11:20:19 (GMT) |
| commit | 785198f5d2d367ecb5b191cf3a4918723170745b (patch) | |
| tree | 78856f762230541de9a20a6e45311fa90d216334 /bin | |
| parent | 00b84b4d323b63ee2b9f02c0abce6b7c4898d5ff (diff) | |
| download | pld-ftp-admin-785198f5d2d367ecb5b191cf3a4918723170745b.zip pld-ftp-admin-785198f5d2d367ecb5b191cf3a4918723170745b.tar.gz | |
- simple tool to verify if packages are signed
Changed files:
bin/pfa-checksign -> 1.1
Diffstat (limited to 'bin')
| -rw-r--r-- | bin/pfa-checksign | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/bin/pfa-checksign b/bin/pfa-checksign new file mode 100644 index 0000000..14060e2 --- /dev/null +++ b/bin/pfa-checksign @@ -0,0 +1,76 @@ +#!/usr/bin/env python +# vi: encoding=utf-8 ts=8 sts=4 sw=4 et + +import sys, os +import getopt +sys.path.insert(0, os.environ['HOME']+'/pld-ftp-admin/modules') +import ftptree +import getpass +from common import checkdir +import ftpio +from config import sign_key +from sign import is_signed, signpkgs + +try: + opts, args = getopt.getopt(sys.argv[1:], '') +except getopt.GetoptError: + print >>sys.stderr, "ERR: options error" + print >>sys.stderr, "checksign.py tree package1 [package2...]" + sys.exit(1) + +if len(args) < 1: + print >>sys.stderr, "ERR: missing tree name" + print >>sys.stderr, "checksign.py tree package1 [package2...]" + sys.exit(1) + +if sign_key == None: + print >>sys.stderr, "ERR: sign_key not defined in config" + sys.exit(1) + +treename = args[0] +packages = args[1:] + +checkdir(treename) + +ftpio.connect('sign') + +if not ftpio.lock(treename, True): + print >>sys.stderr, "ERR: %s tree already locked" % treename + sys.exit(1) + +files = [] +try: + if len(packages) < 1: + loadall = True + else: + loadall = False + + # if no files specified, grab whole tree contents + tree = ftptree.FtpTree(treename, loadall = loadall) + if loadall: + # this is hack, should be a param, not access private .loadedpkgs element + tree.mark4moving(tree.loadedpkgs) + else: + tree.mark4moving(packages) + +except ftptree.SomeError: + # In case of problems we need to unlock the tree before exiting + ftpio.unlock(treename) + sys.exit(1) + +ftpio.unlock(treename) + +print "Checking signatures of %d packages" % len(tree.loadedpkgs) +sign = [] +for pkg in tree.marked4moving: + unsigned = 0 + for file in pkg.rpmfiles(): + if not is_signed(file): + unsigned += 1 + + if unsigned != 0: + print '%s: %d files NOT signed' % (pkg.nvr, unsigned) + else: + print '%s signed' % pkg.nvr + +sys.exit(0) |