Creazione di un Repository APT con key signing: Difference between revisions

← Older edit

VisualWikitext

Latest revision as of 16:47, 19 August 2011

Prima di tutto bisogna creare un pacchetto firmato.

PER UNA COSA PIÙ COMPLETA VEDI Howto create a Debian repository (rigacci.org)

Creare un repository standard

Il repository deve essere accessibile tramite l'indirizzo

http://support.rvmgroup.it/debian

E deve essere con la struttura:

/var/www/rvmgroup.it/support/html/debian
|-- binary
|   |-- ....
|   `-- ....
|-- firma
|-- gabriele.mailing@rvmgroup.it-public.key.gpg
`-- source

firma: script di signing (vedi avanti)
gabriele.mailing@rvmgroup.it-public.key.gpg: chiave pubblica per firma

Copiare i pacchetti GIA' FIRMATI in binary

Firma repository

Creare lo script

#!/bin/bash
cd /var/www/rvmgroup.it/support/html/debian/binary
rm -f Contents.bz2 Contents.gz Packages.bz2 Packages.gz \
      Release Release.gpg Sources.bz2 Sources.gz
cd ..

apt-ftparchive contents binary > binary/Contents
bzip2 -k binary/Contents
gzip -9 binary/Contents
apt-ftparchive packages binary > binary/Packages
bzip2 -k binary/Packages
gzip -9c binary/Packages > binary/Packages.gz
apt-ftparchive sources binary > binary/Sources
bzip2 -k binary/Sources
gzip -9c binary/Sources > binary/Sources.gz
cd binary
apt-ftparchive \
        -o APT::FTPArchive::Release::Origin="RVMGroup.it archive " \
        -o APT::FTPArchive::Release::Label="RVMGroup.it archive" \
        -o APT::FTPArchive::Release::Architectures="i386" \
        -o APT::FTPArchive::Release::Components="binary" \
        -o APT::FTPArchive::Release::Description="RVMGroup Debian Repository" \
        -o APT::FTPArchive::Release::Codename="binary" \
        -o APT::FTPArchive::Release::Suite="binary" \
        release . > Release
cd ..
rm -f binary/Packages binary/Sources
ssh -t fire.rvmgroup.it 'gpg -abs -o Release.gpg Release'
scp fire.rvmgroup.it:Release.gpg /var/www/rvmgroup.it/support/html/debian/binary

Firmare CON LA STESSA CHIAVE DEI PACCHETTI il file Release, chiamandolo Release.gpg e copiarlo in binary:

scp binary/Release fire.rvmgroup.it:

mnt.vvngrl@ergo:~$ gpg -abs -o Release.gpg Release
mnt.vvngrl@ergo:~$ scp Release.gpg support.rvmgroup.it:/var/www/rvmgroup.it/support/html/debian/binary

Configurazione client

sources.list

/etc/apt/sources.list
...
deb http://support.rvmgroup.it/debian binary/

Importazione chiave

sudo ls
wget http://support.rvmgroup.it/debian//gabriele.mailing@rvmgroup.it-public.key.gpg -O - | sudo apt-key add -

sudo apt-get update

Riferimenti

how to create a Release file - linux.debian.devel.mentors | Google Gruppi:

HowToSetupADebianRepository - Debian Wiki

Creare un Repository Debian - Guide@Debianizzati.Org

Debian Repository HOWTO

Debian Administration :: Setting up your own APT repository with upload support

Debian User Forums :: View topic - Package signing problem

Debian User Forums :: View topic - The correct way to sign debian packages

SecureApt - Debian Wiki

@@ Line 1: / Line 1: @@
 Prima di tutto bisogna creare un pacchetto firmato.
+* PER UNA COSA PIÙ COMPLETA VEDI [http://www.rigacci.org/wiki/doku.php/doc/appunti/linux/sa/debian_repository Howto create a Debian repository (rigacci.org)]
 ==Creare un repository standard==