online cheksum verification for FreeBSD
Micheas Herman
m at micheas.net
Fri Mar 12 00:18:28 UTC 2010
On Thu, 2010-03-11 at 19:20 +0100, Elmar Stellnberger wrote:
> Giancarlo Rubio schrieb:
> > rodando nos 2 servidores!!!
> >
> Could anyone help me in how to obtain online cheksums for FreeBSD?
Um, most FreeBSD users compile from source with a
custom /etc/make.conf file.
There online pkgs, but I don't know of anyone that commonly uses
them. I know people uses them for openoffice and a few of the
things that take a long time to download, but not commonly.
You can download the packages from:
ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/
and run pkg_check You might be able to extract the signature
from the package.
The packages themselves are signed. There is no separate
signature file. /etc/ssl/pkg.crt is the location of the public
key for the packages.
Basically, there are no online checksums for FreeBSD.
http://www.gsp.com/cgi-bin/man.cgi?section=1&topic=pkg_sign
might help you.
Personally I don't bother to sign my packages because I never
install them on more the four machines and never more than a few
hours after the package was built.
If I had more FreeBSD machines to deal with, I might sign my
packages just as a best practice, but I doubt it would really do
any good, except that the machines would only accept packages
from the build server, and not upstream with out squawking.
I hope this points you in a helpful way.
Micheas
> Then it should be no problem to port checkroot. I have received some
> valueable input from the openSUSE community in this regard before
> venturing the current implementation. Where do we have people who
> are familiar with the package management of FreeBSD?
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
--
I was gratified to be able to answer promptly, and I did. I said I didn't know.
-- Mark Twain
More information about the freebsd-security
mailing list