Call for testing: SHA512 in the install_script instead of md5 on the server
Hi all, Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this. I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :). You can do this by: wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh and then running it, but maybe supplying an alternate directory rather than the default. Thanks for any feedback. -Matt
Hi Matt. I don't think macs have sha512sum. I get: Awesome! Here we go. Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz[7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ... Best, Casey On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
This works perfectly on the linux cluster at UCSC. On Jan 25, 2012, at 1:46 PM, Casey W. Stark wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote: Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
!DSPAM:10175,4f205c26289382452922778! _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
!DSPAM:10175,4f205c26289382452922778!
Hi Casey, Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac. -Matt On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Works for me on my ubuntu workstation. chris On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL: http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget
https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
On 01/25/2012 08:52 PM, Matthew Turk wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac. I believe that on OSX you need to do it like this: shasum -a 512 -p <FILE>
Kacper
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum? NERSC has shasum btw. Best, Casey On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL: http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget
https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Hi Casey, Can you try the same thing with hash cc3c53c247df? I added a catch for OSX with shasum, but not sha512sum. -Matt On Wed, Jan 25, 2012 at 2:26 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum?
NERSC has shasum btw.
Best, Casey
On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget
https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Hey Matt. Just ran the new version and it's verifying everything fine. I will let you know if anything goes wrong with compilation, but otherwise looks great. Best, Casey On Wed, Jan 25, 2012 at 3:08 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Can you try the same thing with hash cc3c53c247df? I added a catch for OSX with shasum, but not sha512sum.
-Matt
On Wed, Jan 25, 2012 at 2:26 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum?
NERSC has shasum btw.
Best, Casey
On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we
download
sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget
https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory
rather
than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Cool! I have issued a PR. Thanks! On Thu, Jan 26, 2012 at 1:03 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hey Matt.
Just ran the new version and it's verifying everything fine. I will let you know if anything goes wrong with compilation, but otherwise looks great.
Best, Casey
On Wed, Jan 25, 2012 at 3:08 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Can you try the same thing with hash cc3c53c247df? I added a catch for OSX with shasum, but not sha512sum.
-Matt
On Wed, Jan 25, 2012 at 2:26 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum?
NERSC has shasum btw.
Best, Casey
On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget
https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Anybody have a chance to look at the PR? https://bitbucket.org/yt_analysis/yt/pull-request/76/sha-sums-instead-of-md5 On Thu, Jan 26, 2012 at 7:26 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Cool! I have issued a PR. Thanks!
On Thu, Jan 26, 2012 at 1:03 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hey Matt.
Just ran the new version and it's verifying everything fine. I will let you know if anything goes wrong with compilation, but otherwise looks great.
Best, Casey
On Wed, Jan 25, 2012 at 3:08 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Can you try the same thing with hash cc3c53c247df? I added a catch for OSX with shasum, but not sha512sum.
-Matt
On Wed, Jan 25, 2012 at 2:26 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum?
NERSC has shasum btw.
Best, Casey
On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote: > > Hi all, > > Currently to verify file integrity with the install script we > download > sidecar md5 file from yt-project.org. These aren't versioned, and > md5 > itself is largely deprecated for this. > > I've created a new sha512-using version of the install script, which > uses sha512 hashes stored *in the install script* to verify file > integrity. This way any time these change we will be notified of > them. I'd like it if a few people could test this -- I have -- on > pristine systems. It changes both how the files are downloaded and > it > now uses sha512sum, which should be available on most systems > (according to Kacper :). > > You can do this by: > > wget > > > https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh > > and then running it, but maybe supplying an alternate directory > rather > than the default. > > Thanks for any feedback. > > -Matt > _______________________________________________ > yt-dev mailing list > yt-dev@lists.spacepope.org > http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
yes. On Wed, Feb 1, 2012 at 8:18 AM, Matthew Turk <matthewturk@gmail.com> wrote:
Anybody have a chance to look at the PR?
https://bitbucket.org/yt_analysis/yt/pull-request/76/sha-sums-instead-of-md5
On Thu, Jan 26, 2012 at 7:26 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Cool! I have issued a PR. Thanks!
On Thu, Jan 26, 2012 at 1:03 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hey Matt.
Just ran the new version and it's verifying everything fine. I will let you know if anything goes wrong with compilation, but otherwise looks great.
Best, Casey
On Wed, Jan 25, 2012 at 3:08 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Can you try the same thing with hash cc3c53c247df? I added a catch for OSX with shasum, but not sha512sum.
-Matt
On Wed, Jan 25, 2012 at 2:26 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Ah, so I found the discussion in IRC. It looks like you use sha512sum on linux and shasum -a 512 on macs. Maybe the install script can try shasum, then sha512sum, then bail on the sum?
NERSC has shasum btw.
Best, Casey
On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote: > Hi Matt. > > I don't think macs have sha512sum. I get: > > Awesome! Here we go. > > Using wget > Downloading HDF5 > Downloading hdf5-1.8.7.tar.gz from yt-project.org > 2012-01-25 13:22:51 > URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz > [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] > I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. > Downloading zlib-1.2.3.tar.bz2 from yt-project.org > ... > > Best, > Casey > > > On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> > wrote: >> >> Hi all, >> >> Currently to verify file integrity with the install script we >> download >> sidecar md5 file from yt-project.org. These aren't versioned, and >> md5 >> itself is largely deprecated for this. >> >> I've created a new sha512-using version of the install script, which >> uses sha512 hashes stored *in the install script* to verify file >> integrity. This way any time these change we will be notified of >> them. I'd like it if a few people could test this -- I have -- on >> pristine systems. It changes both how the files are downloaded and >> it >> now uses sha512sum, which should be available on most systems >> (according to Kacper :). >> >> You can do this by: >> >> wget >> >> >> https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh >> >> and then running it, but maybe supplying an alternate directory >> rather >> than the default. >> >> Thanks for any feedback. >> >> -Matt >> _______________________________________________ >> yt-dev mailing list >> yt-dev@lists.spacepope.org >> http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org > > > > _______________________________________________ > yt-dev mailing list > yt-dev@lists.spacepope.org > http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org > _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Hi Casey, If you change line 291 to "shasum" instead of "sha512sum", and then line 296 to have "shasum -a 512" instead of "sha512sum", does it work? -Matt On Wed, Jan 25, 2012 at 1:52 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Casey,
Rats! Is there an sha sum utility of any type? I thought some people in IRC found it on their mac.
-Matt
On Wed, Jan 25, 2012 at 1:46 PM, Casey W. Stark <caseywstark@gmail.com> wrote:
Hi Matt.
I don't think macs have sha512sum. I get:
Awesome! Here we go.
Using wget Downloading HDF5 Downloading hdf5-1.8.7.tar.gz from yt-project.org 2012-01-25 13:22:51 URL:http://yt-project.org/dependencies/hdf5-1.8.7.tar.gz [7827944/7827944] -> "hdf5-1.8.7.tar.gz" [1] I am unable to locate sha512sum. FILE INTEGRITY NOT VERIFIED. Downloading zlib-1.2.3.tar.bz2 from yt-project.org ...
Best, Casey
On Wed, Jan 25, 2012 at 1:19 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
Hi Matt, Works perfectly on Ubuntu 11.10. j On Wed, Jan 25, 2012 at 11:19 AM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi all,
Currently to verify file integrity with the install script we download sidecar md5 file from yt-project.org. These aren't versioned, and md5 itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which uses sha512 hashes stored *in the install script* to verify file integrity. This way any time these change we will be notified of them. I'd like it if a few people could test this -- I have -- on pristine systems. It changes both how the files are downloaded and it now uses sha512sum, which should be available on most systems (according to Kacper :).
You can do this by:
wget https://bitbucket.org/MatthewTurk/yt/raw/367ea3bfff2e/doc/install_script.sh
and then running it, but maybe supplying an alternate directory rather than the default.
Thanks for any feedback.
-Matt _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
participants (6)
-
Casey W. Stark -
Christopher Moody -
j s oishi -
Kacper Kowalik -
Matthew Turk -
Nathan Goldbaum