When investigating the recent report of my mirror returning bad tar.gz
files, I decided to try and validate the tar.gz files against the
tar.gz.sha1 files and I'm initially getting a lot of errors.
I first tried a sha1sum --check against each of the *.sha1 files (okay,
I rewrote the paths on the fly). This method shows I am missing a ton of
files. A couple examples:
1821598.tar.gz.sha1 only has a hash for "update.tgz", which is not a
file I have. 1821598.tar.gz does match though.
1083703.tar.gz.sha1 only has a hash for 1083378.tar.gz, a file I also do
not possess.
If I just compare the *.tar.gz files against a matching *.tar.gz.sha1
file and only look at the hash (ignoring the filenames completely) then
everything validates correctly, so I don't believe I have any data
errors. This helps to confirm my belief that my issue was due to overly
aggressive caching on the web server and not due to any problems on the
underlying storage.
Is it expected that the filenames within the .sha1 files don't reflect
reality?
- Validating *.tar.gz files using *.tar.gz.sha1 Dave Warren
-