grub2-signing-extension/sbin/grub2-verify
2015-03-16 20:38:36 +01:00

51 lines
861 B
Bash

#!/bin/bash
# grub2-verify
# Checks the signatures of every file which is has a signature in /boot.
# Author: Bandie Kojote
# Licence: GNU-GPLv3
errorcounter=0
c=0
echo "Checks signature in /boot..."
for i in `find /boot -name "*.sig"`
do
gpg --verify-files $i > /dev/null 2>&1
if [ $? -ne 0 ]
then
((errorcounter++))
files[$errorcounter]=$i
fi
((c++))
done
if [ $c -eq 0 ]
then
echo "Nothing to verify."
exit 2
fi
echo -ne "There has been "
if [ $errorcounter -eq 0 ]
then
echo -ne "\e[1;32mno\e[0m"
else
echo -ne "\e[1;31m$errorcounter\e[0m"
fi
if [ $errorcounter -eq 1 ]
then
echo " bad signature."
else
echo " bad signatures."
fi
if [ $errorcounter -gt 0 ]
then
for(( i=1; i<=${#files[@]}; i++))
do
echo "BAD signature: ${files[$i]}"
done
exit 1
else
exit 0
fi