/lib/live/boot/0030-verify-checksums is in open-infrastructure-system-boot 20161101-lts2-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 | #!/bin/sh
#set -e
Verify_checksums ()
{
for _PARAMETER in ${LIVE_BOOT_CMDLINE}
do
case "${_PARAMETER}" in
live-boot.verify-checksums=*|verify-checksums=*)
LIVE_VERIFY_CHECKSUMS="true"
LIVE_VERIFY_CHECKSUMS_DIGESTS="${_PARAMETER#*verify-checksums=}"
;;
live-boot.verify-checksums|verify-checksums)
LIVE_VERIFY_CHECKSUMS="true"
;;
esac
done
case "${LIVE_VERIFY_CHECKSUMS}" in
true)
;;
*)
return 0
;;
esac
_MOUNTPOINT="${1}"
LIVE_VERIFY_CHECKSUMS_DIGESTS="${LIVE_VERIFY_CHECKSUMS_DIGESTS:-sha512 sha384 sha256 sha224 sha1 md5}"
_TTY="/dev/tty8"
log_begin_msg "Verifying checksums"
cd "${_MOUNTPOINT}"
for _DIGEST in $(echo ${LIVE_VERIFY_CHECKSUMS_DIGESTS} | sed -e 's|,| |g')
do
_CHECKSUMS="$(echo ${_DIGEST} | tr [a-z] [A-Z])SUMS ${_DIGEST}sum.txt"
for _CHECKSUM in ${_CHECKSUMS}
do
if [ -e "${_CHECKSUM}" ]
then
echo "Found ${_CHECKSUM}..." > "${_TTY}"
if [ -e "/bin/${_DIGEST}sum" ]
then
echo "Checking ${_CHECKSUM}..." > "${_TTY}"
# Verify checksums
/bin/${_DIGEST}sum -c "${_CHECKSUM}" < "${_TTY}" > "${_TTY}"
_RETURN="${?}"
# Stop after first verification
break
else
echo "Not found /bin/${_DIGEST}sum..." > "${_TTY}"
fi
fi
done
done
log_end_msg
case "${_RETURN}" in
0)
log_success_msg "Verification successfull, rebooting in 10 seconds."
sleep 10
# Unmount live-media
cd /
umount -f "${_MOUNTPOINT}" > /dev/null 2>&1
sync
# Attempt to remount all mounted filesystems read-only
echo u > /proc/sysrq-trigger
# Immediately reboot the system without syncing or unmounting filesystems
echo b > /proc/sysrq-trigger
;;
*)
panic "Verification failed, $(basename ${_TTY}) for more information."
;;
esac
}
|