guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on GuixSD and IDS like AIDE and Tripwire

From: Ludovic Courtès
Subject: Re: Thoughts on GuixSD and IDS like AIDE and Tripwire
Date: Mon, 02 Jan 2017 23:28:55 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) 
Hi!

address@hidden skribis:

> P.S. On second thought (and after a cup of coffee), could the database file be
> generated using the same format programs like md5sum, sha1sum, et al use so 
> we'd
> just have to run (for example) md5sum -C database?

That sounds like a good idea to complement ‘guix publish’ + ‘guix
challenge’.

A simple way to dump the database is like this:

--8<---------------cut here---------------start------------->8---
$ sudo sqlite3 /var/guix/db/db.sqlite
SQLite version 3.14.1 2016-08-11 18:53:32
Enter ".help" for usage hints.
sqlite> select path,hash from validpaths;
/gnu/store/98xcn26354r70nyamkgywqzjxvw3qikx-guile-2.0.9.tar.xz|sha256:a475e4bad3d39a94f01c590f239e80dbd84688e480ca74de3e335f6f36a0d975
/gnu/store/hyh7kwkqlxc0x9s8cs5mjnih5v524486-make-impure-dirs.patch|sha256:d697a02be5fea425ac93eb650b1359e3e8053d84f70677c8c0a80291ed03585e
/gnu/store/hv15hq91vm3ajv23lkq0kgd56d4kmd08-findutils-absolute-paths.patch|sha256:c4fc83e01a7f448b598905bcf6ca39b5ba0f1f0f131145b379f0de9c2fbe109b
[…]
--8<---------------cut here---------------end--------------->8---

(Of course you have to trust the database to contain the right hashes in
the first place.)

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]