components/0030-verify-checksums

   1 #!/bin/sh
   2
   3 #set -e
   4
   5 Verify_checksums ()
   6 {
   7         for _PARAMETER in ${LIVE_BOOT_CMDLINE}
   8         do
   9                 case "${_PARAMETER}" in
  10                         live-boot.verify-checksums=*|verify-checksums=*)
  11                                 LIVE_VERIFY_CHECKSUMS="true"
  12                                 LIVE_VERIFY_CHECKSUMS_DIGESTS="${_PARAMETER#*verify-checksums=}"
  13                                 ;;
  14
  15                         live-boot.verify-checksums|verify-checksums)
  16                                 LIVE_VERIFY_CHECKSUMS="true"
  17                                 ;;
  18                 esac
  19         done
  20
  21         case "${LIVE_VERIFY_CHECKSUMS}" in
  22                 true)
  23                         ;;
  24
  25                 *)
  26                         return 0
  27                         ;;
  28         esac
  29
  30         _MOUNTPOINT="${1}"
  31
  32         LIVE_VERIFY_CHECKSUMS_DIGESTS="${LIVE_VERIFY_CHECKSUMS_DIGESTS:-sha512 sha384 sha256 sha224 sha1 md5}"
  33         _TTY="/dev/tty8"
  34
  35         log_begin_msg "Verifying checksums"
  36
  37         cd "${_MOUNTPOINT}"
  38
  39         for _DIGEST in $(echo ${LIVE_VERIFY_CHECKSUMS_DIGESTS} | sed -e 's|,| |g')
  40         do
  41                 _CHECKSUMS="$(echo ${_DIGEST} | tr [a-z] [A-Z])SUMS ${_DIGEST}sum.txt"
  42
  43                 for _CHECKSUM in ${_CHECKSUMS}
  44                 do
  45                         if [ -e "${_CHECKSUM}" ]
  46                         then
  47                                 echo "Found ${_CHECKSUM}..." > "${_TTY}"
  48
  49                                 if [ -e "/bin/${_DIGEST}sum" ]
  50                                 then
  51                                         echo "Checking ${_CHECKSUM}..." > "${_TTY}"
  52
  53                                         # Verify checksums
  54                                         grep -v '^#' "${_CHECKSUM}" | /bin/${_DIGEST}sum -c > "${_TTY}"
  55                                         _RETURN="${?}"
  56
  57                                         # Stop after first verification
  58                                         break
  59                                 else
  60                                         echo "Not found /bin/${_DIGEST}sum..." > "${_TTY}"
  61                                 fi
  62                         fi
  63                 done
  64         done
  65
  66         log_end_msg
  67
  68         case "${_RETURN}" in
  69                 0)
  70                         log_success_msg "Verification successfull, rebooting in 10 seconds."
  71                         sleep 10
  72
  73                         # Unmount live-media
  74                         cd /
  75                         umount -f "${_MOUNTPOINT}" > /dev/null 2>&1
  76                         sync
  77
  78                         # Attempt to remount all mounted filesystems read-only
  79                         echo u > /proc/sysrq-trigger
  80
  81                         # Immediately reboot the system without syncing or unmounting filesystems
  82                         echo b > /proc/sysrq-trigger
  83                         ;;
  84
  85                 *)
  86                         panic "Verification failed, $(basename ${_TTY}) for more information."
  87                         ;;
  88         esac
  89 }