How to verify lot of .sig files in lot of subdirectories with script

Michel Messerschmidt lists at michel-messerschmidt.de
Sun Jul 19 15:08:12 CEST 2009


On Sun, Jul 19, 2009 at 12:11:05PM +0200, Csabi wrote:
> I have lot of subdirectories containing program source code compressed  
> files and their signature files.
> For example: <program name> <program version>.tar.gz and
> <program name> <program version>.tar.gz.sig
> How do i verify lot of .sig files in lot of subdirectories with one 
> script under Linux?

One solution is to execute this bash one-liner in the top level 
directory of your source code archives:
for i in `find . -name '*tar.gz'`; do if [ -e ${i}.sig ]; then echo "Signature verification for $i:"; gpg --verify ${i}.sig $i; fi; done

Note that archives without detached signature file (.sig) won't be 
checked.




More information about the Gnupg-users mailing list