1DSCVERIFY(1)                General Commands Manual               DSCVERIFY(1)
2
3
4

NAME

6       dscverify - verify the validity of a Debian package
7

SYNOPSIS

9       dscverify  [--keyring keyring] ... changes_or_buildinfo_or_dsc_filename
10       ...
11

DESCRIPTION

13       dscverify checks that the GPG signatures on the given .changes, .build‐
14       info  or  .dsc  files  are  good signatures made by keys in the current
15       Debian keyrings, found  in  the  debian-keyring  package.   (Additional
16       keyrings  can  be  specified  using  the --keyring option any number of
17       times.)  It then checks that the other files listed  in  the  .changes,
18       .buildinfo or .dsc files have the correct sizes and checksums (MD5 plus
19       SHA1 and SHA256 if the latter are present).  The exit status  is  0  if
20       there are no problems and non-zero otherwise.
21

OPTIONS

23       --keyring keyring
24              Add keyring to the list of keyrings to be used.
25
26       --no-default-keyrings
27              Do not use the default set of keyrings.
28
29       --no-conf, --noconf
30              Do  not  read any configuration files.  This can only be used as
31              the first option given on the command-line.
32
33       --nosigcheck, --no-sig-check, -u
34              Skip the signature verification step. That is, only  verify  the
35              sizes and checksums of the files listed in the .changes, .build‐
36              info or .dsc files.
37
38       --verbose
39              Do not suppress GPG output.
40
41
42       --help, -h
43              Display a help message and exit successfully.
44
45       --version
46              Display version and copyright information and  exit  suc‐
47              cessfully.
48

CONFIGURATION VARIABLES

50       The    two    configuration   files   /etc/devscripts.conf   and
51       ~/.devscripts are sourced by a shell in that order to  set  con‐
52       figuration variables.  Environment variable settings are ignored
53       for this purpose.  If the first command  line  option  given  is
54       --noconf  or  --no-conf, then these files will not be read.  The
55       currently recognised variable is:
56
57       DSCVERIFY_KEYRINGS
58              This is a colon-separated list of extra keyrings  to  use
59              in addition to any specified on the command line.
60

KEYRING

62       Please  note  that  the  keyring  provided by the debian-keyring
63       package can be slightly out of date. The latest version  can  be
64       obtained with rsync, as documented in the README that comes with
65       debian-keyring.  If you sync the keyring to a non-standard loca‐
66       tion (see below), you can use the possibilities to specify extra
67       keyrings, by either  using  the  above  mentioned  configuration
68       option or the --keyring option.
69
70       Below is an example for an alias:
71
72       alias dscverify='dscverify --keyring ~/.gnupg/pubring.gpg'
73

STANDARD KEYRING LOCATIONS

75       By default dscverify searches for the debian-keyring in the fol‐
76       lowing locations:
77
78       - ~/.gnupg/trustedkeys.gpg
79
80       - /srv/keyring.debian.org/keyrings/debian-keyring.gpg
81
82       - /usr/share/keyrings/debian-keyring.gpg
83
84       - /usr/share/keyrings/debian-maintainers.gpg
85

SEE ALSO

87       gpg(1), gpg2(1), devscripts.conf(5)
88
89

AUTHOR

91       dscverify was written by Roderick Schertler <roderick@argon.org>
92       and  posted  on  the debian-devel@lists.debian.org mailing list,
93       with several modifications by Julian Gilbey <jdg@debian.org>.
94
95
96
97DEBIAN                         Debian Utilities                   DSCVERIFY(1)