V9.14.018.2026.06.07
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -14,6 +14,14 @@
|
||||
# SPDX-PackageName: CISS.debian.live.builder
|
||||
# SPDX-Security-Contact: security@coresecret.eu
|
||||
|
||||
# Module summary:
|
||||
# This live-boot component implements the verify-checksums mode for the mounted live medium.
|
||||
# It reads the live-boot command line to decide whether checksum verification is enabled and which digests to accept.
|
||||
# It locates the pinned CISS GPG key material on the live medium, optionally verifies this script's signed hash,
|
||||
# optionally verifies signed checksum files, and checks the first matching checksum manifest with the matching digest tool. It
|
||||
# writes detailed checksum output to the verification TTY. It panics instead of continuing boot when integrity or
|
||||
# authenticity verification fails.
|
||||
|
||||
### Modified Version of the original file:
|
||||
### https://salsa.debian.org/live-team/live-boot 'components/0030-ciss-verify-checksums'
|
||||
### If the offered checksum is successfully verified, proceed with booting. Otherwise, panic.
|
||||
|
||||
Reference in New Issue
Block a user