scripts/boot/3010-verify-checksums

   1 #!/bin/sh
   2
   3 #set -e
   4
   5 Verify_checksums ()
   6 {
   7         for _PARAMETER in ${_CMDLINE}
   8         do
   9                 case "${_PARAMETER}" in
  10                         live-boot.verify-checksums=*|verify-checksums=*)
  11                                 LIVE_VERIFY_CHECKSUMS="true"
  12                                 LIVE_VERIFY_CHECKSUMS_DIGESTS="${_PARAMETER#*verify-checksums=}"
  13                                 ;;
  14
  15                         live-boot.verify-checksums|verify-checksums)
  16                                 LIVE_VERIFY_CHECKSUMS="true"
  17                                 ;;
  18                 esac
  19         done
  20
  21         if [ "${LIVE_VERIFY_CHECKSUMS}" != "true" ]
  22         then
  23                 return 0
  24         fi
  25
  26         _MOUNTPOINT="${1}"
  27
  28         LIVE_VERIFY_CHECKSUMS_DIGESTS="${LIVE_VERIFY_CHECKSUMS_DIGESTS:-sha512 sha384 sha256 sha224 sha1 md5}"
  29         _TTY="/dev/tty8"
  30
  31         log_begin_msg "Verifying checksums"
  32
  33         cd "${_MOUNTPOINT}"
  34
  35         for _DIGEST in $(echo ${LIVE_VERIFY_CHECKSUMS_DIGESTS} | sed -e 's|,| |g')
  36         do
  37                 _CHECKSUMS="$(echo ${_DIGEST} | tr [a-z] [A-Z])SUMS"
  38
  39                 if [ -e "${_CHECKSUMS}" ]
  40                 then
  41                         echo "Found ${_CHECKSUMS}..." > "${_TTY}"
  42
  43                         if [ -e "/bin/${_DIGEST}sum" ]
  44                         then
  45                                 echo "Checking ${_CHECKSUMS}..." > "${_TTY}"
  46
  47                                 # Verify checksums
  48                                 /bin/${_DIGEST}sum -c "${_CHECKSUMS}" < "${_TTY}" > "${_TTY}"
  49                                 _RETURN="${?}"
  50
  51                                 # Stop after first verification
  52                                 break
  53                         else
  54                                 echo "Not found /bin/${_DIGEST}sum..." > "${_TTY}"
  55                         fi
  56                 fi
  57         done
  58
  59         log_end_msg
  60
  61         case "${_RETURN}" in
  62                 0)
  63                         log_success_msg "Verification successfull, rebooting in 10 seconds."
  64                         sleep 10
  65
  66                         # Unmount live-media
  67                         cd /
  68                         umount -f ${_MOUNTPOINT} > /dev/null 2>&1
  69                         sync
  70
  71                         # Attempt to remount all mounted filesystems read-only
  72                         echo u > /proc/sysrq-trigger
  73
  74                         # Immediately reboot the system without syncing or unmounting filesystems
  75                         echo b > /proc/sysrq-trigger
  76                         ;;
  77
  78                 *)
  79                         panic "Verification failed, $(basename ${_TTY}) for more information."
  80                         ;;
  81         esac
  82 }