Linux command
apptainer-verify 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Verify
apptainer verify [path/to/image.sif]
Example
apptainer verify --key [path/to/public.pem] [path/to/image.sif]
Example
apptainer verify --certificate [path/to/certificate.pem] [path/to/image.sif]
Example
apptainer verify -a [path/to/image.sif]
Example
apptainer verify -g [group_id] [path/to/image.sif]
Example
apptainer verify -i [object_id] [path/to/image.sif]
Example
apptainer verify -j [path/to/image.sif]
Example
apptainer verify -l [path/to/image.sif]
Example
apptainer verify --legacy-insecure [path/to/image.sif]
说明
apptainer verify validates the cryptographic signatures on SIF container images. This confirms that the image has not been tampered with and was signed by a trusted party. Verification can use PGP public keys, X.509 certificates, or keys fetched from a keyserver. The command exits with a non-zero status if verification fails.
参数
- --key _file_
- Path to a public key file for verification
- --certificate _file_
- Path to a certificate file for verification
- -a, --all
- Verify all objects in the SIF image
- -g, --group-id _id_
- Verify only a specific object group
- -i, --sif-id _id_
- Verify only a specific object by ID
- -j, --json
- Output results in JSON format
- -l, --local
- Only verify with local key(s) in keyring
- -u, --url _string_
- Specify a URL for a key server
- --legacy-insecure
- Enable verification of (insecure) legacy signatures
- --certificate-intermediates _file_
- Path to pool of intermediate certificates
- --certificate-roots _file_
- Path to pool of root certificates
- --ocsp-verify
- Enable online revocation check for certificates
FAQ
What is the apptainer-verify command used for?
apptainer verify validates the cryptographic signatures on SIF container images. This confirms that the image has not been tampered with and was signed by a trusted party. Verification can use PGP public keys, X.509 certificates, or keys fetched from a keyserver. The command exits with a non-zero status if verification fails.
How do I run a basic apptainer-verify example?
Run `apptainer verify [path/to/image.sif]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does --key _file_ do in apptainer-verify?
Path to a public key file for verification