Hi,
Holger Wansing <hwans...@mailbox.org> wrote:
> xloem <0xl...@gmail.com> wrote:
> > It is important to provide a reasonable way to verify the integrity of
> > installation media.
>
> I have prepared a patch, to add a small chapter on this topic to the guide
> (and correct a misleading phrase in chapter 4.2).
I have overworked the patch a bit, mainly to include "BD images" link only for
archs which have Bluray images.
Attached.
Any objections/comments?
Holger
--
Holger Wansing <hwans...@mailbox.org>
PGP-Fingerprint: 496A C6E8 1442 4B34 8508 3529 59F1 87CA 156E B076
>From ba5fd20b78c562e4475b84f9bdaada48428649dd Mon Sep 17 00:00:00 2001
From: Holger Wansing <hwans...@mailbox.org>
Date: Sun, 22 Nov 2020 12:08:09 +0100
Subject: [PATCH] Add chapter about verifying integrity of installation images
---
build/arch-options/amd64 | 2 +-
build/arch-options/i386 | 2 +-
build/templates/docstruct.ent | 1 +
en/install-methods/downloading-files.xml | 4 +-
en/install-methods/install-methods.xml | 1 +
en/install-methods/verifying-files.xml | 70 ++++++++++++++++++++++++
6 files changed, 76 insertions(+), 4 deletions(-)
create mode 100644 en/install-methods/verifying-files.xml
diff --git a/build/arch-options/amd64 b/build/arch-options/amd64
index 69ee45057..b3b81f95e 100644
--- a/build/arch-options/amd64
+++ b/build/arch-options/amd64
@@ -21,7 +21,7 @@ fdisk="fdisk.txt;cfdisk.txt"
network="supports-tftp;supports-bootp;supports-nfsroot"
boot="bootable-disk;bootable-usb;isohybrid-supported;manual-usb-prep-supported"
frontend="newt;gtk"
-other="supports-wireless;supports-pcmcia;supports-serial-console"
+other="supports-wireless;supports-pcmcia;supports-serial-console;has-bd-iso"
smp="smp-alternatives"
goodies="supports-lang-chooser"
diff --git a/build/arch-options/i386 b/build/arch-options/i386
index 4024917ae..f1df4898e 100644
--- a/build/arch-options/i386
+++ b/build/arch-options/i386
@@ -21,7 +21,7 @@ fdisk="fdisk.txt;cfdisk.txt"
network="supports-tftp;supports-bootp;supports-nfsroot"
boot="bootable-disk;bootable-usb;isohybrid-supported;manual-usb-prep-supported"
frontend="newt;gtk"
-other="supports-wireless;supports-pcmcia;supports-serial-console"
+other="supports-wireless;supports-pcmcia;supports-serial-console;has-bd-iso"
smp="smp-alternatives"
goodies="supports-lang-chooser"
diff --git a/build/templates/docstruct.ent b/build/templates/docstruct.ent
index 112c7881b..dd3e8d273 100644
--- a/build/templates/docstruct.ent
+++ b/build/templates/docstruct.ent
@@ -71,6 +71,7 @@
<!ENTITY tftp-bootp.xml SYSTEM "##SRCPATH##/install-methods/tftp/bootp.xml">
<!ENTITY tftp-dhcp.xml SYSTEM "##SRCPATH##/install-methods//tftp/dhcp.xml">
<!ENTITY automatic-install.xml SYSTEM "##SRCPATH##/install-methods/automatic-install.xml">
+ <!ENTITY verifying-files.xml SYSTEM "##SRCPATH##/install-methods/verifying-files.xml">
<!ENTITY boot-installer.xml SYSTEM "##SRCPATH##/boot-installer/boot-installer.xml">
diff --git a/en/install-methods/downloading-files.xml b/en/install-methods/downloading-files.xml
index ad67f8f16..5ecd45eca 100644
--- a/en/install-methods/downloading-files.xml
+++ b/en/install-methods/downloading-files.xml
@@ -12,10 +12,10 @@ To find the nearest (and thus probably the fastest) mirror, see the
</para>
<sect2 id="where-files">
- <title>Where to Find Installation Images</title>
+ <title>Where to Find Installation Files</title>
<para>
-The installation images are located on each &debian; mirror in the directory
+Various installation files can be found on each &debian; mirror in the directory
<ulink url="&url-debian-installer;images">debian/dists/&releasename;/main/installer-&architecture;/current/images/</ulink>
— the <ulink url="&url-debian-installer;images/MANIFEST">MANIFEST</ulink>
lists each image and its purpose.
diff --git a/en/install-methods/install-methods.xml b/en/install-methods/install-methods.xml
index 5b4710eac..e387fcb3e 100644
--- a/en/install-methods/install-methods.xml
+++ b/en/install-methods/install-methods.xml
@@ -10,5 +10,6 @@
&boot-drive-files.xml;
&install-tftp.xml;
&automatic-install.xml;
+&verifying-files.xml;
</chapter>
diff --git a/en/install-methods/verifying-files.xml b/en/install-methods/verifying-files.xml
new file mode 100644
index 000000000..1eda90734
--- /dev/null
+++ b/en/install-methods/verifying-files.xml
@@ -0,0 +1,70 @@
+<!-- retain these comments for translator revision tracking -->
+<!-- $Id$ -->
+
+ <sect1 id="verifying-files">
+ <title>Verifying the integrity of installation files</title>
+
+<para>
+
+You can verify the integrity of downloaded files against checksums
+provided in <filename>SHA256SUMS</filename> or <filename>SHA512SUMS</filename>
+files on Debian mirrors, in the same places where you find the installation images
+itself.
+Look at the following locations:
+
+</para>
+
+<itemizedlist>
+<listitem><para>
+
+<ulink url="https://cdimage.debian.org/debian-cd/current/&architecture;/iso-cd/";>checksum
+files for CD images</ulink>,
+
+</para></listitem>
+<listitem><para>
+
+<ulink url="https://cdimage.debian.org/debian-cd/current/&architecture;/iso-dvd/";>checksum
+files for DVD images</ulink>,
+
+</para></listitem>
+<listitem condition="has-bd-iso"><para>
+
+<ulink url="https://cdimage.debian.org/debian-cd/current/&architecture;/iso-bd/";>checksum
+files for BD images</ulink>,
+
+</para></listitem>
+<listitem><para>
+
+<ulink url="http://http.us.debian.org/debian/dists/&releasename;/main/installer-&architecture;/current/images/";>checksum
+files for other installation files</ulink>.
+
+</para></listitem>
+</itemizedlist>
+
+<para>
+
+To compute the checksum of a downloaded installation file, use
+
+<informalexample><screen>
+sha256sum filename.iso
+</screen></informalexample>
+
+respective
+
+<informalexample><screen>
+sha512sum filename.iso
+</screen></informalexample>
+
+and then compare the shown checksum against the corresponding one in the
+<filename>SHA256SUMS</filename> or <filename>SHA512SUMS</filename> file.
+
+</para><para>
+
+The <ulink url="&url-debian-cd-faq;">Debian CD FAQ</ulink> has
+<ulink url="https://www.debian.org/CD/faq/index.en.html#verify";>more useful information</ulink>
+on this topic (such as the script <filename>check_debian_iso</filename>, to semi-automate
+above procedure).
+
+
+</para>
+
+ </sect1>
--
2.20.1
