Originally Posted by BwE
Checking the entire CoreOS would encompass what you're doing, so why do it?
And why not
So I have and want to do this for many good or bad reasons:
1st I have no db of any MD5 for each ros version, so if I want to do the same way as you I need to establish a list of MD5 for this.
2nd doing MD5 for the whole ROS is valid only if done on a known format like OFW and eventually few CFW, but it can exist many cases where the ros is 100% valid but its MD5 unkown because it's a MFW which as never been calculated.
3rd doing it on each files of the ros can be as problematic as fopr the ros itself in case of a CFW/MFW, but at least there are only few files which are impacted when not having a OFW, also I don't want to solely give a report of the ros being fail if I can more over give to the user whihc file in the ros is problematic or unkown.
4th maybe a better way would be to use your method for known MD5 then go in the detail if there's a mismatch.