Reputation: 183
Utilizing RPM database checksums
I would like write my own verification program, ensuring files downloaded from a yum repo have the same checksum as they came with. This is akin to yum-verify.
On Ubuntu, this is done by gathering the contents of .md5sums files. I believe on RedHat, this information is kept in Berkeley DB files located /var/lib/rpm. Utilizing db_dump on BaseNames, Packages, Sha1header, and Sigmd5, I explored the files and do not think they are self-explanatory.
Basically, how can I verify the checksum of a given file programmatically (no bash scripting utilizing yum-verify)?
TIA.
Upvotes: 0
Views: 569
Answers (1)
Reputation: 2390
See rpm --verify code in lib/verify.c for how to retrieve/verify file digests using C.
Python bindings likely have enough methods to retrieve/verify file digests (but I can't think of any Python app that is widely used that implements rpm file digest verification intelligently)
Upvotes: 1
Related Questions
- What is the rpm package checksum for?
- How to read var/lib/rpm/Packages content
- How is the open-check-sum generated in repomd files?
- Is there an easy way to verify/compare installation against an RPM file?
- rpm verify - ignore config files
- How would I make "read" command work in RPM spec file?
- How do I force rpm -V to verify ALL files?
- quick RPM database test for changes
- How to build the rpm package with SHA-256 checksum for files?
- Test installation of RPM packages