1DSCVERIFY(1)                General Commands Manual               DSCVERIFY(1)
2
3
4

NAME

6       dscverify - verify the validity of a Debian package
7

SYNOPSIS

9       dscverify  [--keyring keyring] ... changes_or_buildinfo_or_dsc_filename
10       ...
11

DESCRIPTION

13       dscverify checks that the GPG signatures on the given .changes, .build‐
14       info  or .dsc files are good signatures made by keys in the current De‐
15       bian  keyrings,  found  in  the  debian-keyring  package.   (Additional
16       keyrings  can  be  specified  using  the --keyring option any number of
17       times.)  It then checks that the other files listed  in  the  .changes,
18       .buildinfo or .dsc files have the correct sizes and checksums (MD5 plus
19       SHA1 and SHA256 if the latter are present).  The exit status  is  0  if
20       there are no problems and non-zero otherwise.
21

OPTIONS

23       --keyring keyring
24              Add keyring to the list of keyrings to be used.
25
26       --no-default-keyrings
27              Do not use the default set of keyrings.
28
29       --no-conf, --noconf
30              Do  not  read any configuration files.  This can only be used as
31              the first option given on the command-line.
32
33       --nosigcheck, --no-sig-check, -u
34              Skip the signature verification step. That is, only  verify  the
35              sizes and checksums of the files listed in the .changes, .build‐
36              info or .dsc files.
37
38       --verbose
39              Do not suppress GPG output.
40
41
42       --help, -h
43              Display a help message and exit successfully.
44
45       --version
46              Display version and copyright information and exit successfully.
47

CONFIGURATION VARIABLES

49       The two configuration files /etc/devscripts.conf and ~/.devscripts  are
50       sourced by a shell in that order to set configuration variables.  Envi‐
51       ronment variable settings are ignored for this purpose.  If  the  first
52       command  line  option  given is --noconf or --no-conf, then these files
53       will not be read.  The currently recognised variable is:
54
55       DSCVERIFY_KEYRINGS
56              This is a colon-separated list of extra keyrings to use in addi‐
57              tion to any specified on the command line.
58

KEYRING

60       Please note that the keyring provided by the debian-keyring package can
61       be slightly out of date. The latest version can be obtained with rsync,
62       as  documented  in  the  README that comes with debian-keyring.  If you
63       sync the keyring to a non-standard location (see below),  you  can  use
64       the  possibilities to specify extra keyrings, by either using the above
65       mentioned configuration option or the --keyring option.
66
67       Below is an example for an alias:
68
69       alias dscverify='dscverify --keyring ~/.gnupg/pubring.gpg'
70

STANDARD KEYRING LOCATIONS

72       By default dscverify searches for the debian-keyring in  the  following
73       locations:
74
75       - ~/.gnupg/trustedkeys.gpg
76
77       - /srv/keyring.debian.org/keyrings/debian-keyring.gpg
78
79       - /usr/share/keyrings/debian-keyring.gpg
80
81       - /usr/share/keyrings/debian-maintainers.gpg
82
83       - /usr/share/keyrings/debian-nonupload.gpg
84

SEE ALSO

86       gpg(1), gpg2(1), devscripts.conf(5)
87
88

AUTHOR

90       dscverify  was  written  by Roderick Schertler <roderick@argon.org> and
91       posted on the debian-devel@lists.debian.org mailing list, with  several
92       modifications by Julian Gilbey <jdg@debian.org>.
93
94
95
96DEBIAN                         Debian Utilities                   DSCVERIFY(1)
Impressum