Re: kernel.org status: hints on how to check your machine forintrusion

[Andy]

On Sat, Oct 01, 2011 at 09:39:48PM -0700, Greg KH wrote:
> I've did this a while ago when we were working on verifying the
> tarballs, here's what I got, one column is with the umask unset, and the
> other set to 022, both of them being the sha256sum output.

Thank you very much for posting that information.

> If this isn't sufficient, just give me a script I can run and I'll be
> glad to provide the numbers.

Many of us would benefit from having signatures for some of the recent
kernels missing for your list as well as Willy's. For example, a few
systems of mine run 2.6.39.4 due to sleep-related issues with 3.0.x+ and
those hardware platforms.

It would be great to have fingerprints for:

2.6.35.1 - 2.6.35.9 (2.6.35.14?)
2.6.36.1 - 2.6.36.4
2.6.37.1 - 2.6.37.6
2.6.38.1 - 2.6.38.8
2.6.39.1 - 2.6.39.4

Here is a script (based on Willy's) to use inside the git dirs:

for mask in 002 022
do
  git config tar.umask $mask
  echo "umask set to: $mask"
  for tag in $(git tag | grep "^v[23]" | egrep -v 'pre|rc|tree')
  do
    echo -ne "${tag#v}\t"
    git archive --format tar --prefix linux-${tag#v}/ $tag | sha256sum
  done
  echo
done  

Many thanks,

~ Andy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/