Re: status: hints on how to check your machine for intrusion

From: Willy Tarreau
Date: Sat Oct 01 2011 - 13:55:04 EST

On Sat, Oct 01, 2011 at 12:19:16PM -0500, Andy wrote:
> On Sat, Oct 01, 2011 at 06:56:59PM +0200, Willy Tarreau wrote:
> > Result: it's correct. With a bit of scripting, it's easy to match
> > tags signatures with tarballs'.
> I must be doing something wrong. I only have the 2.6 git repo (so my tags
> don't drill down to 2.6.x.y just 2.6.x) but my experiement isn't giving
> the results I expected.
> [Cloned repo]
> $ git archive --format=tar --prefix linux-2.6.39/ v2.6.39 | md5sum
> 482f8bd941def0548a95f34e2d290dfd -

Indeed I have the same here.

> [Downloaded from]
> $ bzcat linux-2.6.39.tar.bz2 | md5sum
> 833d224ee42ddc1e7c2d256368b5d7b3 -

An archive I found from this mirror indeed gave me the same md5 as
yours :

OK, found! 2.6 kernels are archived with tar.umask = 022 while I
did not have this config option here. If I fix the umask, I get the
same md5 as in the tarball :

$ git config tar.umask 022
$ git archive --format tar --prefix linux-2.6.39/ v2.6.39 | md5sum

So I can redo all the md5 sigs now :-/


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at