Creazione di un Repository APT con key signing: Difference between revisions

From RVM Wiki
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
mNo edit summary
Line 65: Line 65:
  mnt.vvngrl@ergo:~$ gpg -abs -o Release.gpg Release
  mnt.vvngrl@ergo:~$ gpg -abs -o Release.gpg Release
  mnt.vvngrl@ergo:~$ scp Release.gpg support.rvmgroup.it:/var/www/rvmgroup.it/support/html/debian/binary
  mnt.vvngrl@ergo:~$ scp Release.gpg support.rvmgroup.it:/var/www/rvmgroup.it/support/html/debian/binary
==Riferimenti==
*[http://groups.google.ch/group/linux.debian.devel.mentors/browse_thread/thread/659a86953869de2f/ca50fd45b6fadc0e?lnk=st&q=Unable+to+find+expected+entry++Packages+in+Meta-index+file&rnum=5#ca50fd45b6fadc0e  how to create a Release file - linux.debian.devel.mentors | Google Gruppi:]
*[http://wiki.debian.org/HowToSetupADebianRepository HowToSetupADebianRepository - Debian Wiki]
*[http://guide.debianizzati.org/index.php/Creare_un_Repository_Debian Creare un Repository Debian - Guide@Debianizzati.Org]
*[http://www.debian.org/doc/manuals/repository-howto/repository-howto Debian Repository HOWTO]
*[http://www.debian-administration.org/articles/286 Debian Administration :: Setting up your own APT repository with upload support]
*[http://forums.debian.net/viewtopic.php?t=15209 Debian User Forums :: View topic - Package signing problem]
*[http://forums.debian.net/viewtopic.php?t=7320 Debian User Forums :: View topic - The correct way to sign debian packages]
*[http://wiki.debian.org/SecureApt SecureApt - Debian Wiki]

Revision as of 17:27, 24 May 2007

Prima di tutto bisogna creare un pacchetto firmato.

Creare un repository standard

Il repository deve essere accessibile tramite l'indirizzo

http://support.rvmgroup.it/debian

E deve essere con la struttura: 

/var/www/rvmgroup.it/support/html/debian
|-- binary
|   |-- ....
|   `-- ....
|-- firma
|-- gabriele.mailing@rvmgroup.it-public.key.gpg
`-- source
  • firma: script di signing (vedi avanti)
  • gabriele.mailing@rvmgroup.it-public.key.gpg: chiave pubblica per firma

Copiare i pacchetti GIA' FIRMATI in binary

Firma repository

Creare lo script 

#!/bin/bash
cd /var/www/rvmgroup.it/support/html/debian/binary
rm -f Contents.bz2 Contents.gz Packages.bz2 Packages.gz \
      Release Release.gpg Sources.bz2 Sources.gz
cd ..

apt-ftparchive contents binary > binary/Contents
bzip2 -k binary/Contents
gzip -9 binary/Contents
apt-ftparchive packages binary > binary/Packages
bzip2 -k binary/Packages
gzip -9c binary/Packages > binary/Packages.gz
apt-ftparchive sources binary > binary/Sources
bzip2 -k binary/Sources
gzip -9c binary/Sources > binary/Sources.gz
cd binary
apt-ftparchive \
        -o APT::FTPArchive::Release::Origin="RVMGroup.it archive " \
        -o APT::FTPArchive::Release::Label="RVMGroup.it archive" \
        -o APT::FTPArchive::Release::Architectures="i386" \
        -o APT::FTPArchive::Release::Components="binary" \
        -o APT::FTPArchive::Release::Description="RVMGroup Debian Repository" \
        -o APT::FTPArchive::Release::Codename="binary" \
        -o APT::FTPArchive::Release::Suite="binary" \
        release . > Release
cd ..
rm -f binary/Packages binary/Sources
ssh -t fire.rvmgroup.it 'gpg -abs -o Release.gpg Release'
scp fire.rvmgroup.it:Release.gpg /var/www/rvmgroup.it/support/html/debian/binary

Firmare CON LA STESSA CHIAVE DEI PACCHETTI il file Release, chiamandolo Release.gpg e copiarlo in binary: 

scp binary/Release fire.rvmgroup.it:

mnt.vvngrl@ergo:~$ gpg -abs -o Release.gpg Release
mnt.vvngrl@ergo:~$ scp Release.gpg support.rvmgroup.it:/var/www/rvmgroup.it/support/html/debian/binary

Riferimenti

Retrieved from "https://kb.rvmgroup.it/index.php?title=Creazione_di_un_Repository_APT_con_key_signing&oldid=5298"