|
|
|
@ -3,7 +3,12 @@
|
|
|
|
|
verify_rpm() {
|
|
|
|
|
RPM=$1
|
|
|
|
|
|
|
|
|
|
if ! rpm --checksig $1 > /dev/null; then
|
|
|
|
|
if ! [ -f $RPM ]; then
|
|
|
|
|
echo -n "No such file... "
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if ! rpm --checksig $RPM > /dev/null; then
|
|
|
|
|
echo "Wrong PGP signature!"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
@ -12,7 +17,7 @@ fi
|
|
|
|
|
# mean that the rpm has been signed! It might simply
|
|
|
|
|
# have no PGP signature at all. Yes, stupidity...
|
|
|
|
|
|
|
|
|
|
if ! rpm --checksig $1 | grep pgp > /dev/null ; then
|
|
|
|
|
if ! rpm --checksig $RPM | grep pgp > /dev/null ; then
|
|
|
|
|
echo "No PGP signature found!"
|
|
|
|
|
|
|
|
|
|
if [ "$NO_SIGN" == "1" ] ; then
|
|
|
|
@ -27,7 +32,6 @@ fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "NO_SIGN = $NO_SIGN"
|
|
|
|
|
if [ $# -lt 1 ]; then
|
|
|
|
|
echo "Usage: $0 <rpm file>"
|
|
|
|
|
exit 1
|
|
|
|
|