Current location

narf Source control manager Git

summaryrefslogtreecommitdiff
blob: d81117c2b19ae23841a2be1050de82ec8d5699c0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/bin/bash
# Scan an ArchLinux system against the official packages for modification or
# tampering of installed files
# Copyright (c) 2009, Olivier Mehani <shtrom@ssji.net>
# All rights reserved.
#
# $Id$
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright notice, this
#    list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
#    this list of conditions and the following disclaimer in the documentation
#    and/or other materials provided with the distribution.
# 3. Neither the name of Olivier Mehani nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
# 
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
# 
PACKAGES=`pacman -Qs | sed -n "s#local\/\([-a-z0-9_]\+\) \([-\.0-9a-z]\+\).*#\1-\2#p"`
CACHEDIR="/var/cache/pacman/pkg"

WORKDIR=`mktemp -t -d arch_check.XXXXXXXXXX`
LOGFILE=`pwd`/arch_check.`date +%Y%m%d-%H%M`

echo "Checking installed Arch system against packages"
echo ">> Considering `echo ${PACKAGES} | wc -w` packages"
echo ">> Working in ${WORKDIR}"

cat >> ${LOGFILE} << EOF 
$0 started at `date`
Workdir: ${WORKDIR}
EOF

for PKG in ${PACKAGES}; do
	echo ">> Considering ${PKG}"
	cd ${WORKDIR}
	rm -rf *
	pacman -Ss -w ${PKG} 
	PKG_ARCHIVE=`ls ${CACHEDIR}/${PKG}-*.pkg.tar.gz 2> /dev/null`
	if [ ! -z "${PKG_ARCHIVE}" ]; then
		tar xzf ${PKG_ARCHIVE}
		rm -f .PKGINFO .CHANGELOG .INSTALL .FILELIST
		for FILE in `find . -type f`; do
			LOCAL_SUM=`md5sum /${FILE} | cut -d" " -f 1`
			SHIPPED_SUM=`md5sum ${FILE} | cut -d" " -f 1`
			if [ "${LOCAL_SUM}" != "${SHIPPED_SUM}" ]; then 
				echo "!! MD5 mismatch for \`${FILE}' in \`${PKG_ARCHIVE}' (${LOCAL_SUM} instead of ${SHIPPED_SUM})"
				echo "MD5 mismatch for \`${FILE}' in \`${PKG_ARCHIVE}' (${LOCAL_SUM} instead of ${SHIPPED_SUM})" >> ${LOGFILE}
			else
				LOCAL_SUM=`sha1sum /${FILE} | cut -d" " -f 1`
				SHIPPED_SUM=`sha1sum ${FILE} | cut -d" " -f 1`
				if [ "${LOCAL_SUM}" != "${SHIPPED_SUM}" ]; then
					echo "!! SHA1 mismatch for \`${FILE}' in \`${PKG_ARCHIVE}' (${LOCAL_SUM} instead of ${SHIPPED_SUM})"
					echo " SHA1 mismatch for \`${FILE}' in \`${PKG_ARCHIVE}' (${LOCAL_SUM} instead of ${SHIPPED_SUM})" >> ${LOGFILE}
				fi
			fi
		done
	else
		echo "!! No ${CACHEDIR}/${PKG}-*.pkg.tar.gz found"
		echo "No ${CACHEDIR}/${PKG}-*.pkg.tar.gz found" >> ${LOGFILE}

	fi
done
rm -rf ${WORKDIR}