Andrew wrote: > Just wondering if signify(1) is intended to exit 0 ONLY if the [file > ...] is within the shell's pwd ?? By chance, I noticed that > /path/to/file will fail on the same bsd.rd controlling for the working > directory.
Mostly, yes. The filename is compared to the one in the signature file with a simple comparison. > h) /home/bench $> signify -Cp /etc/signify/openbsd-63-base.pub > -x SHA256.sig snaps/bsd.rd > Signature Verified > snaps/bsd.rd: FAIL The name in SHA256.sig is not snaps/bsd.rd, and so there is no match.