1DSCVERIFY(1) General Commands Manual DSCVERIFY(1)
2
3
4
6 dscverify - verify the validity of a Debian package
7
9 dscverify [--keyring keyring] ... changes_or_buildinfo_or_dsc_filename
10 ...
11
13 dscverify checks that the GPG signatures on the given .changes, .build‐
14 info or .dsc files are good signatures made by keys in the current De‐
15 bian keyrings, found in the debian-keyring package. (Additional
16 keyrings can be specified using the --keyring option any number of
17 times.) It then checks that the other files listed in the .changes,
18 .buildinfo or .dsc files have the correct sizes and checksums (MD5 plus
19 SHA1 and SHA256 if the latter are present). The exit status is 0 if
20 there are no problems and non-zero otherwise.
21
23 --keyring keyring
24 Add keyring to the list of keyrings to be used.
25
26 --no-default-keyrings
27 Do not use the default set of keyrings.
28
29 --no-conf, --noconf
30 Do not read any configuration files. This can only be used as
31 the first option given on the command-line.
32
33 --nosigcheck, --no-sig-check, -u
34 Skip the signature verification step. That is, only verify the
35 sizes and checksums of the files listed in the .changes, .build‐
36 info or .dsc files.
37
38 --verbose
39 Do not suppress GPG output.
40
41
42 --help, -h
43 Display a help message and exit successfully.
44
45 --version
46 Display version and copyright information and exit successfully.
47
49 The two configuration files /etc/devscripts.conf and ~/.devscripts are
50 sourced by a shell in that order to set configuration variables. Envi‐
51 ronment variable settings are ignored for this purpose. If the first
52 command line option given is --noconf or --no-conf, then these files
53 will not be read. The currently recognised variable is:
54
55 DSCVERIFY_KEYRINGS
56 This is a colon-separated list of extra keyrings to use in addi‐
57 tion to any specified on the command line.
58
60 Please note that the keyring provided by the debian-keyring package can
61 be slightly out of date. The latest version can be obtained with rsync,
62 as documented in the README that comes with debian-keyring. If you
63 sync the keyring to a non-standard location (see below), you can use
64 the possibilities to specify extra keyrings, by either using the above
65 mentioned configuration option or the --keyring option.
66
67 Below is an example for an alias:
68
69 alias dscverify='dscverify --keyring ~/.gnupg/pubring.gpg'
70
72 By default dscverify searches for the debian-keyring in the following
73 locations:
74
75 - ~/.gnupg/trustedkeys.gpg
76
77 - /srv/keyring.debian.org/keyrings/debian-keyring.gpg
78
79 - /usr/share/keyrings/debian-keyring.gpg
80
81 - /usr/share/keyrings/debian-maintainers.gpg
82
83 - /usr/share/keyrings/debian-nonupload.gpg
84
86 gpg(1), gpg2(1), devscripts.conf(5)
87
88
90 dscverify was written by Roderick Schertler <roderick@argon.org> and
91 posted on the debian-devel@lists.debian.org mailing list, with several
92 modifications by Julian Gilbey <jdg@debian.org>.
93
94
95
96DEBIAN Debian Utilities DSCVERIFY(1)