Bug#607625: apt: no way to verify an individual downloaded

To: Toni Mueller <support@oeko.net>, 607625@bugs.debian.org
Subject: Bug#607625: apt: no way to verify an individual downloaded
From: David Kalnischkies <kalnischkies+debian@gmail.com>
Date: Sat, 26 Mar 2011 11:03:40 +0100
Message-id: <[🔎] AANLkTineRvZcSqDN-Vhbqm9nTKxc32ZqPqssHeqrLqyj@mail.gmail.com>
Reply-to: David Kalnischkies <kalnischkies+debian@gmail.com>, 607625@bugs.debian.org
In-reply-to: <20101220111821.8499.76701.reportbug@birch.oeko.net>
References: <20101220111821.8499.76701.reportbug@birch.oeko.net>

On Mon, Dec 20, 2010 at 12:18, Toni Mueller <support@oeko.net> wrote:
> in the light of DSA 2134-1, I would really like to see an easy way to
> manually verify a downloaded package. Currently, neither dpkg, apt nor
> aptitude appear to have such functionality, but using apt or aptitude is
> not always possible (at least, I often need to bypass them).

Could you elaborate a bit more what you want or what the usecase is?
The question is also why you are bypassing APT and co. in the first place…

APT automatically verifies the deb files it downloads and stores them
in /var/cache/apt/archives/ if successfully verified (before they are
in partial/).

aptitude has additionally a download option to download a package to
whatever place you are currently in. I don't know if it verifies it,
but i hope so. APT in wheezy onwards has this option, too.

Is that maybe what you want?

Best regards

David Kalnischkies

Reply to:

Prev by Date: Bug#255969: coreutils: critial files in /bin deleted during dist-upgrade from stable to testing
Next by Date: Processed: Re: coreutils: critial files in /bin deleted during dist-upgrade from stable to testing
Previous by thread: Bug#615147: marked as done (shouldn't happen. Please file a bug report against apt.)
Next by thread: Bug#255969: marked as done ([apt] apt mixes essential flag from all sources)
Index(es):
- Date
- Thread