Improving availability and guaranteeing integrity in ISO - internal sha1sums
Nicolas Mailhot
nicolas.mailhot at laposte.net
Sun Jun 10 09:48:41 UTC 2007
Le dimanche 10 juin 2007 à 14:37 +1000, David Timms a écrit :
> Nicolas Mailhot wrote:
> > Le samedi 09 juin 2007 à 12:20 +1000, David Timms a écrit :
> >
> >> The simplest way to do this would be for the iso spin system to perform
> >> an sha1sum * > SHA1SUM within each directory of an iso spin, and have
> >> each result inserted into the corresponding directory.
> >
> > 1. you don't want many scattered checksum files, you want one file for
> > the whole disk, so users can find/filter it easily (use find to get a
> > recursive file list, sort/filter, checksum it)
> That would be nice, but the standard tools don't do this AFAIK ? {no
> recursive option ?}
so you use find and friends to generate a list for the checksumming tool
(testing for symlinks, spaces, etc). Though a standard receipe would be
nice
> > 2. burn apps suchs as brasero/k3b? already generete this file if asked
> > (using md5 which is IMHO a mistake today)
> It is done as far as I understand for the whole image
No. On the file list
> > 3. you want this checksum file signed
> Yes. This would already be done by the checksum process that is already
> in place - signed sha1sum of the whole .iso file, published along side
> the iso file.
Useless. Either you want file-level checksumming (implying you want to
use the disk if you don't need a damaged part) and everything done at
the iso level can't be used, or you want to check the whole disk, and
file-level checksums are overkill
--
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070610/ccfb87ba/attachment.sig>
More information about the fedora-devel-list
mailing list