apt-move
Hello!
Recently I started to work for a small German bank that needs to provide its own mirror for the Debian packages ("Buster" right now, "Bullseye" to come soon) its Linux VMs are using. I decided to build a partial mirror according to a description in the Debian users manual (that's its German title) which utilises apt-move. The shell script /usr/bin/apt-move produces a Release file that apt-get on a Linux VM describes as "having no hashes" (probably because in its sources.list we use [trusted=yes] – the packages come from our safe server!). Actually it has, MD5 and SHA1 hashes, but modern apt-get expects SHA256 and/or SHA512 hashes.
It seems easy to extend the function get_checksum() to create also these hashes and write them via additional redirections in additional files which make_release() can handle and write at Release's end.
Do you have a better idea? (My employer, who has sent me to the bank, will own the IP, but I can send you a copy nevertheless.)
get_checksum() {
for l; do
[ -f $l ] || continue
size=$(perl -le 'print ((stat($ARGV[0]))[7]);' $l)
printf ' %32s%.s %16d %s\n' \
$(md5sum $l) $size $j/$k/$l
printf ' %40s%.s %16d %s\n' \
$(sha1sum $l) $size $j/$k/$l >&3
########
printf ' %64s%.s %16d %s\n' \
$(sha1sum $l) $size $j/$k/$l >&4
printf ' %128s%.s %16d %s\n' \
$(sha1sum $l) $size $j/$k/$l >&5
done
}
make_release()
.
.
.
#######
done > $pf-md5sum 3> $pf-sha1sum 4> $pf-sha256sum 5> $pf-sha512sum
[ -n "$compo" ] || return 0
info "Building: $dir Release"
[ $TEST ] && return
exec > Release.new
echo Origin: $origin
echo Label: $label
echo Suite: $suite
echo Codename: $codename
echo Date: $(TZ=UTC date '+%a, %d %b %Y %T %Z')
echo Architectures: $(printf '%s\n' $arch | sort -u)
echo Components:$compo
echo Description: $desc
echo MD5Sum:
cat $pf-md5sum
echo SHA1:
cat $pf-sha1sum
#######
echo SHA256:
cat $pf-sha256sum
echo SHA512:
cat $pf-sha512sum
exec >&-
if [ -n "$GPGKEY" ]; then
gpg --detach-sign -ao Release.gpg --default-key "$GPGKEY" \
--batch --yes --sign Release.new
fi
mv Release.new Release
}
--
Greetings
Pete
Never be afraid to try something new. Remember, amateurs built the ark.
Professionals built the Titanic.
Reply to: