Ted Unangst <t...@tedunangst.com> wrote: > Simplify examples section. The magic recipe is contained in sysupgrade, so we > can omit it, and instead add a .xr to sysupgrade.8. > > > Index: signify.1 > =================================================================== > RCS file: /home/cvs/src/usr.bin/signify/signify.1,v > retrieving revision 1.46 > diff -u -p -r1.46 signify.1 > --- signify.1 23 Mar 2019 07:10:06 -0000 1.46 > +++ signify.1 26 Apr 2019 20:32:24 -0000 > @@ -166,18 +166,6 @@ Sign a file, specifying a signature name > Verify a signature, using the default signature name: > .Dl $ signify -V -p key.pub -m generalsorders.txt > .Pp > -Verify a release directory containing > -.Pa SHA256.sig > -and a full set of release files: > -.Bd -literal -offset indent -compact > -$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig > -.Ed > -.Pp > -Verify a bsd.rd before an upgrade: > -.Bd -literal -offset indent -compact > -$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig bsd.rd > -.Ed > -.Pp > Sign a gzip archive: > .Bd -literal -offset indent -compact > $ signify -Sz -s key-arc.sec -m in.tgz -x out.tgz
Please do not delete those chunks. I use them every 6 months to verify I have constructed correct release directories. I am not going to read the internals of sysupgrade to determine this. I am not going to use sysupgrade to verify my release directories are correct, since they directories are not yet flowing to mirrors and are hiding on some darknet. I know this recipe is in this manual page, so I use it. Removing it and saying "Oh some code somewhere does it", is irresponsible, it forces peoplt to use just that specific chunk of code. Now everyone has to use sysupgrade? What if someone wants to do it manually? Oh I get it, they'll skip the verification step.....
