apt-move

To: packages@qa.debian.org
Subject: apt-move
From: Peter Dyballa <Peter_Dyballa@Web.DE>
Date: Sat, 2 Apr 2022 13:02:59 +0200
Message-id: <[🔎] F6FCC98E-83B9-4595-8772-A08161F031CF@Web.DE>

Hello!

Recently I started to work for a small German bank that needs to provide its own mirror for the Debian packages ("Buster" right now, "Bullseye" to come soon) its Linux VMs are using. I decided to build a partial mirror according to a description in the Debian users manual (that's its German title) which utilises apt-move. The shell script /usr/bin/apt-move produces a Release file that apt-get on a Linux VM describes as "having no hashes" (probably because in its sources.list we use [trusted=yes] – the packages come from our safe server!). Actually it has, MD5 and SHA1 hashes, but modern apt-get expects SHA256 and/or SHA512 hashes.

It seems easy to extend the function get_checksum() to create also these hashes and write them via additional redirections in additional files which make_release() can handle and write at Release's end.

Do you have a better idea? (My employer, who has sent me to the bank, will own the IP, but I can send you a copy nevertheless.)


	get_checksum() {
		for l; do
			[ -f $l ] || continue
			size=$(perl -le 'print ((stat($ARGV[0]))[7]);' $l)
			printf ' %32s%.s %16d %s\n' \
				$(md5sum $l) $size $j/$k/$l
			printf ' %40s%.s %16d %s\n' \
				$(sha1sum $l) $size $j/$k/$l >&3
			########
			printf ' %64s%.s %16d %s\n' \
				$(sha1sum $l) $size $j/$k/$l >&4
			printf ' %128s%.s %16d %s\n' \
				$(sha1sum $l) $size $j/$k/$l >&5
		done
	}

	make_release()
		.
		.
		.
		#######
		done > $pf-md5sum 3> $pf-sha1sum 4> $pf-sha256sum 5> $pf-sha512sum
	
		[ -n "$compo" ] || return 0
	
		info "Building: $dir Release"
	
		[ $TEST ] && return
	
		exec > Release.new
	
		echo Origin: $origin
		echo Label: $label
		echo Suite: $suite
		echo Codename: $codename
		echo Date: $(TZ=UTC date '+%a, %d %b %Y %T %Z')
		echo Architectures: $(printf '%s\n' $arch | sort -u)
		echo Components:$compo
		echo Description: $desc
		echo MD5Sum:
		cat $pf-md5sum
		echo SHA1:
		cat $pf-sha1sum
		#######
		echo SHA256:
		cat $pf-sha256sum
		echo SHA512:
		cat $pf-sha512sum
		exec >&-
	
		if [ -n "$GPGKEY" ]; then
			gpg --detach-sign -ao Release.gpg --default-key "$GPGKEY" \
				--batch --yes --sign Release.new
		fi
		mv Release.new Release
	}


--
Greetings

  Pete

Never be afraid to try something new. Remember, amateurs built the ark.
Professionals built the Titanic.

Reply to:

Prev by Date: mrtgutils_0.8.4-1_source.changes ACCEPTED into unstable
Next by Date: Processing of gthumb_3.12.1-1_source.changes
Previous by thread: mrtgutils_0.8.4-1_source.changes ACCEPTED into unstable
Next by thread: Processing of gthumb_3.12.1-1_source.changes
Index(es):
- Date
- Thread