DSCVERIFY(1) | General Commands Manual | DSCVERIFY(1) |
dscverify - verify the validity of a Debian package
dscverify [--keyring keyring] ... changes_or_buildinfo_or_dsc_filename ...
dscverify checks that the GPG signatures on the given .changes, .buildinfo or .dsc files are good signatures made by keys in the current Debian keyrings, found in the debian-keyring package. (Additional keyrings can be specified using the --keyring option any number of times.) It then checks that the other files listed in the .changes, .buildinfo or .dsc files have the correct sizes and checksums (MD5 plus SHA1 and SHA256 if the latter are present). The exit status is 0 if there are no problems and non-zero otherwise.
The two configuration files /etc/devscripts.conf and ~/.devscripts are sourced by a shell in that order to set configuration variables. Environment variable settings are ignored for this purpose. If the first command line option given is --noconf or --no-conf, then these files will not be read. The currently recognised variable is:
Please note that the keyring provided by the debian-keyring package can be slightly out of date. The latest version can be obtained with rsync, as documented in the README that comes with debian-keyring. If you sync the keyring to a non-standard location (see below), you can use the possibilities to specify extra keyrings, by either using the above mentioned configuration option or the --keyring option.
Below is an example for an alias:
alias dscverify='dscverify --keyring ~/.gnupg/pubring.gpg'
By default dscverify searches for the debian-keyring in the following locations:
- ~/.gnupg/trustedkeys.gpg
- /srv/keyring.debian.org/keyrings/debian-keyring.gpg
- /usr/share/keyrings/debian-keyring.gpg
- /usr/share/keyrings/debian-maintainers.gpg
- /usr/share/keyrings/debian-nonupload.gpg
dscverify was written by Roderick Schertler <roderick@argon.org> and posted on the debian-devel@lists.debian.org mailing list, with several modifications by Julian Gilbey <jdg@debian.org>.
Debian Utilities | DEBIAN |