
apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG

Limit the CONFIG_IPK_FILES_CHECKSUMS config to OPKG, as APK has a different
way to validate package integrity (apk audit)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <[email protected]>
Christian Marangi před 1 rokem
rodič
revize
25bbefcdd9

+ 1 - 0
config/Config-build.in

@@ -113,6 +113,7 @@ menu "Global build settings"
 	config IPK_FILES_CHECKSUMS
 		bool
 		prompt "Record files checksums in package metadata"
+		depends on !USE_APK
 		help
 		  This makes file checksums part of package metadata. It increases size
 		  but provides you with pkg_check command to check for flash corruptions.

+ 4 - 9
include/package-pack.mk

@@ -226,15 +226,6 @@ endif
 
 	$(RSTRIP) $$(IDIR_$(1))
 
-    ifneq ($$(CONFIG_IPK_FILES_CHECKSUMS),)
-	(cd $$(IDIR_$(1)); \
-		( \
-			find . -type f \! -path ./CONTROL/\* -exec $(MKHASH) sha256 -n \{\} \; 2> /dev/null | \
-			sed 's|\([[:blank:]]\)\./| \1/|' > $$(IDIR_$(1))/CONTROL/files-sha256sum \
-		) || true \
-	)
-    endif
-
     ifneq ($$(KEEP_$(1)),)
 		@( \
 			keepfiles=""; \
@@ -329,6 +320,10 @@ else
 		rm -rf $$(IDIR_$(1))/CONTROL/conffiles; \
 	fi
 
+    ifneq ($$(CONFIG_IPK_FILES_CHECKSUMS),)
+	if [ -f $$(IDIR_$(1))/CONTROL/files-sha256sum ]; then mv -f $$(IDIR_$(1))/CONTROL/files-sha256sum $$(IDIR_$(1))/lib/apk/packages/$(1).files-sha256sum; fi
+    endif
+
 	if [ -z "$$$$(ls -A $$(IDIR_$(1))/CONTROL 2>/dev/null)" ]; then \
 		rm -rf $$(IDIR_$(1))/CONTROL; \
 	else \
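Review bot: The added `mv` of `CONTROL/files-sha256sum` into `lib/apk/packages/` appears to be dead code as committed. The same commit makes `IPK_FILES_CHECKSUMS` `depends on !USE_APK`, and the first hunk of this file removes the `find ... $(MKHASH) sha256` step that created `CONTROL/files-sha256sum`, so unless that file is produced elsewhere the `[ -f ... ]` test is never true. If APK integrity is meant to rely on `apk audit` only, drop the block; if the checksum file is still wanted, keep the generation step and create the target first, e.g. `mkdir -p "$$(IDIR_$(1))/lib/apk/packages"`, with the paths quoted. The recipe and the `else` branch this sits in start outside the hunk, so which packaging path it belongs to is inferred from the destination path.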

+ 13 - 6
package/base-files/files/sbin/pkg_check

@@ -23,6 +23,13 @@ MISSING=""
 SUMMARY=""
 NL="
 "
+if [ -d /usr/lib/opkg ]; then
+	IPKG_INFO_DIR=/usr/lib/opkg/info
+elif [ -d /lib/apk ];
+	IPKG_INFO_DIR=/lib/apk/packages
+else
+	exti 1
+fi
 
 # Arguments parsing
 while expr "x$1" : "x-" > /dev/null; do
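Review bot: The added `elif [ -d /lib/apk ];` has no `then`, so the shell stops with a syntax error at this `if` block and pkg_check cannot perform any check, on OPKG systems as well; it should read `elif [ -d /lib/apk ]; then`. The fallback `exti 1` is a typo for `exit 1`; once the syntax is fixed it would only print a command-not-found error and carry on with `IPKG_INFO_DIR` unset. Because this script is the on-device integrity checker, the fallback should say why it stops, for example `echo "pkg_check: no opkg or apk package database found" >&2; exit 1`.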
@@ -49,12 +56,12 @@ done
 
 # Check all packages by default
 if [ -z "$1" ]; then
-	set $(cd /usr/lib/opkg/info/; for i in *.files-sha256sum; do basename $i .files-sha256sum; done)
+	set $(cd $IPKG_INFO_DIR; for i in *.files-sha256sum; do basename $i .files-sha256sum; done)
 fi
 
 # Iterate over packages
 while [ "$1" ]; do
-	if [ \! -f "/usr/lib/opkg/info/$1.files-sha256sum" ]; then
+	if [ \! -f "$IPKG_INFO_DIR/$1.files-sha256sum" ]; then
 		if [ "$ERRFATAL" = no ]; then
 			echo " * No checksums for $1 - skipping"
 			echo
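Review bot: In the changed `set $(cd $IPKG_INFO_DIR; ...)` line the `cd` is unquoted and its failure is ignored, so if the directory is missing or unset the glob runs in the caller's working directory and package names are taken from whatever `*.files-sha256sum` files are there. When nothing matches, the literal `*` is passed to `basename`. A stricter form is `set -- $(cd "$IPKG_INFO_DIR" || exit 1; for i in *.files-sha256sum; do [ -f "$i" ] && basename "$i" .files-sha256sum; done)`. The same missing quotes apply to `sha256sum -c $IPKG_INFO_DIR/$1.files-sha256sum` in the next hunk, which should be `sha256sum -c "$IPKG_INFO_DIR/$1.files-sha256sum"`.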
@@ -72,13 +79,13 @@ while [ "$1" ]; do
 	fi
 	[ $QUIET = yes ] || echo " * Checking package $1:"
 	ERR=""
-	CHECK="$(sha256sum -c /usr/lib/opkg/info/$1.files-sha256sum 2> /dev/null)"
+	CHECK="$(sha256sum -c $IPKG_INFO_DIR/$1.files-sha256sum 2> /dev/null)"
 
 	# Are the changed files config files?
-	if [ $? -ne 0 ] && [ "$(cat "/usr/lib/opkg/info/$1.files-sha256sum")" ]; then
+	if [ $? -ne 0 ] && [ "$(cat "$IPKG_INFO_DIR/$1.files-sha256sum")" ]; then
 		NEWCHECK="$(echo "$CHECK" | grep '^.*: OK$')"
 		for i in $(echo "$CHECK" | sed -n 's|^\(.*\): FAILED$|\1|p'); do
-			if [ "$(grep "^$i\$" "/usr/lib/opkg/info/$1.conffiles" 2> /dev/null)" ] || \
+			if [ "$(grep "^$i\$" "$IPKG_INFO_DIR/$1.conffiles" 2> /dev/null)" ] || \
 			   [ "$(echo "$i" | grep "^/etc/uci-defaults/")" ]; then
 				NEWCHECK="${NEWCHECK}${NL}${i}: CONFIGURED"
 			else
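Review bot: The conffile test on the changed line hands the failed file name to grep as a regular expression (`grep "^$i\$"`), so a metacharacter in the path, such as `.`, can match a different entry in `$1.conffiles`. A modified file can then be reported as CONFIGURED instead of FAILED, which weakens the integrity result. A fixed-string whole-line match avoids this: `grep -Fx -- "$i" "$IPKG_INFO_DIR/$1.conffiles"`. The `for i in $(...)` list is also word-split, so file names containing whitespace are not handled; the loop and the enclosing `while` start and end outside this hunk.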
@@ -91,7 +98,7 @@ while [ "$1" ]; do
 
 	# Do we have changed files or not?
 	if [ -z "$ERR" ]; then
-		[ $QUIET = yes ] || [ ! -s "/usr/lib/opkg/info/$1.files-sha256sum" ] || echo "$CHECK" | sed 's|^|   - |'
+		[ $QUIET = yes ] || [ ! -s "$IPKG_INFO_DIR/$1.files-sha256sum" ] || echo "$CHECK" | sed 's|^|   - |'
 		[ $QUIET = yes ] || echo " * Package $1 is ok"
 		[ $QUIET = yes ] || echo
 	else