Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Mar 2010 16:18:21 -0800
From:      Micheas Herman <m@micheas.net>
To:        freebsd-security@freebsd.org
Subject:   Re: online cheksum verification for FreeBSD
Message-ID:  <1268353101.32610.26916.camel@vcampaign>
In-Reply-To: <4B993458.8000403@gmail.com>
References:  <4B97AB28.8060403@gmail.com> <20100310185328.GD37825@server.vk2pj.dyndns.org> <4B97C1D1.7050209@gmail.com> <d8e57f271003101209l4d3e3f68l7b1b4e41e2b8f608@mail.gmail.com> <4B993458.8000403@gmail.com>
index | next in thread | previous in thread | raw e-mail 

On Thu, 2010-03-11 at 19:20 +0100, Elmar Stellnberger wrote: 
> Giancarlo Rubio schrieb:
> > rodando nos 2 servidores!!!
> >   
>   Could anyone help me in how to obtain online cheksums for FreeBSD?

        Um, most FreeBSD users compile from source with a
        custom /etc/make.conf file.
        
        There online pkgs, but I don't know of anyone that commonly uses
        them. I know people uses them for openoffice and a few of the
        things that take a long time to download, but not commonly.
        
        You can download the packages from:
        
        ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/
        
        and run pkg_check You might be able to extract the signature
        from the package.
        
        The packages themselves are signed. There is no separate
        signature file. /etc/ssl/pkg.crt is the location of the public
        key for the packages.
        
        Basically, there are no online checksums for FreeBSD.
        
        http://www.gsp.com/cgi-bin/man.cgi?section=1&topic=pkg_sign
        
        might help you.
        
        Personally I don't bother to sign my packages because I never
        install them on more the four machines and never more than a few
        hours after the package was built.
        
        If I had more FreeBSD machines to deal with, I might sign my
        packages just as a best practice, but I doubt it would really do
        any good, except that the machines would only accept packages
        from the build server, and not upstream with out squawking.
        
        
        I hope this points you in a helpful way.
        
        Micheas
        
        
        

> Then it should be no problem to port checkroot.  I have received some
> valueable input from the openSUSE community in this regard before
> venturing the current implementation. Where do we have people who
> are familiar with the package management of FreeBSD?
> 
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

-- 
I was gratified to be able to answer promptly, and I did. I said I didn't know.
		-- Mark Twain
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1268353101.32610.26916.camel>