3 # Package checksums checking script
4 # (C) 2018 CZ.NIC, z.s.p.o.
6 # This program is free software: you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation, either version 3 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
28 while expr "x$1" : "x-" > /dev
/null
; do
29 if [ "x$1" = "x-s" ]; then
32 elif [ "x$1" = "x-v" ]; then
36 echo "Usage: $(basename $0) [-s] [-v] [pkg1 pkg2 ...]"
38 echo " -s Stop on first change"
40 if [ "x$1" = "x-h" ]; then
44 echo "ERROR: Unknown option '$1'"
50 # Check all packages by default
52 set $
(cd /usr
/lib
/opkg
/info
/; for i
in *.files-sha256sum
; do basename $i .files-sha256sum
; done)
55 # Iterate over packages
57 if [ \
! -f "/usr/lib/opkg/info/$1.files-sha256sum" ]; then
58 if [ "$ERRFATAL" = no
]; then
59 echo " * No checksums for $1 - skipping"
62 echo " * No checksums for $1 - exiting"
65 if [ -z "$MISSING" ]; then
68 MISSING
="$MISSING, $1"
73 [ $QUIET = yes ] ||
echo " * Checking package $1:"
75 CHECK
="$(sha256sum -c /usr/lib/opkg/info/$1.files-sha256sum 2> /dev/null)"
77 # Are the changed files config files?
78 if [ $?
-ne 0 ] && [ "$(cat "/usr
/lib
/opkg
/info
/$1.files-sha256sum
")" ]; then
79 NEWCHECK
="$(echo "$CHECK" | grep '^.*: OK$')"
80 for i
in $
(echo "$CHECK" |
sed -n 's|^\(.*\): FAILED$|\1|p'); do
81 if [ "$(grep "^
$i\$
" "/usr
/lib
/opkg
/info
/$1.conffiles
" 2> /dev/null)" ] || \
82 [ "$(echo "$i" | grep "^
/etc
/uci-defaults
/")" ]; then
83 NEWCHECK
="${NEWCHECK}${NL}${i}: CONFIGURED"
85 NEWCHECK
="${NEWCHECK}${NL}${i}: FAILED"
92 # Do we have changed files or not?
93 if [ -z "$ERR" ]; then
94 [ $QUIET = yes ] ||
[ ! -s "/usr/lib/opkg/info/$1.files-sha256sum" ] ||
echo "$CHECK" |
sed 's|^| - |'
95 [ $QUIET = yes ] ||
echo " * Package $1 is ok"
96 [ $QUIET = yes ] ||
echo
98 if [ $QUIET = yes ]; then
99 echo " * Changes found in package $1:"
100 echo "$CHECK" |
sed -n 's|^\(.*:[[:blank:]]*FAILED\)$| - \1|p'
102 echo "$CHECK" |
sed 's|^| - |'
103 echo " * Changes found in package $1!"
105 if [ "$ERRFATAL" = yes ]; then
107 echo "Exiting on first change found!"
110 for i
in $
(echo "$CHECK" |
sed -n 's|^\(.*\): FAILED$|\1|p'); do
111 SUMMARY
="${SUMMARY}${NL} - $1: $i"
118 # If there are changed files, report them
119 if [ "$SUMMARY" ]; then
120 echo "Some packages contain changed files!"
121 echo "Maybe something worth looking into?"
122 echo "Here is the list of packages and changed files:"
125 if [ "$MISSING" ]; then
126 echo "Following packages are missing checksums: $MISSING"
128 if [ "$MISSING" ] ||
[ "$SUMMARY" ]; then