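#!/bin/bash
# grub2-verify
# Checks the signature of every file in /boot that has a matching *.sig file.
# Author: Bandie Kojote
# Licence: GNU-GPLv3
#
# Exit codes:
#   0 - every signature that was found verified successfully
#   1 - at least one signature failed verification (the paths are listed)
#   2 - no *.sig file was found under /boot
#
# Scope of the check:
#   - Only files that have a *.sig are examined; a file in /boot that carries
#     no signature at all is not reported by this script.
#   - gpg decides using the keyring of the user running this script.
#     NOTE(review): that keyring may hold other keys than the one(s) GRUB
#     trusts at boot, so a pass here means "signed by a key gpg knows", not
#     necessarily "GRUB will accept it" - confirm against your GRUB key setup.

errorcounter=0
filecounter=0
files=()

# Signature check part + error counter + file counter + file list
echo "Checking signatures in /boot..."

# Paths are read NUL-delimited so that a name containing spaces, newlines or
# glob characters reaches gpg as exactly one argument. find writes to fd 3 so
# gpg keeps the script's own stdin.
while IFS= read -r -d '' -u 3 sig
do
	# gpg's output is discarded; only its exit status decides good/bad.
	if ! gpg --verify-files "$sig" > /dev/null 2>&1
	then
		((errorcounter++))
		files+=("$sig")
	fi
	((filecounter++))
done 3< <(find /boot -name "*.sig" -print0)

# Nothing to verify? Exit 2.
# A distinct exit code keeps "no signatures present" from being read as
# "all signatures good" by a caller that only looks at the status.
if (( filecounter == 0 ))
then
	echo "Nothing to verify."
	exit 2
fi

# Message
printf 'There has been '
if (( errorcounter == 0 ))
then
	printf '\e[1;32mno\e[0m'
else
	printf '\e[1;31m%s\e[0m' "$errorcounter"
fi
if (( errorcounter == 1 ))
then
	echo " bad signature."
else
	echo " bad signatures."
fi

# File list and exit codes
if (( errorcounter > 0 ))
then
	for bad in "${files[@]}"
	do
		# %s keeps a path containing '%' or '\' from being interpreted.
		printf 'BAD signature: %s\n' "$bad"
	done
	exit 1
fi
exit 0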