Difference between revisions of "Bering-uClibc 6.x - User Guide - Advanced Topics - Unpacking a gpg signed lrp package"

From bering-uClibc
Jump to: navigation, search
(15 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
+
{| summary="Navigation header" width="100%"
 +
! colspan="3" align="center" | [[Bering-uClibc 6.x - User Guide - Advanced Topics - Unpacking a gpg signed lrp package | Unpacking a gpg signed lrp package]]
 +
|-
 +
| width="20%" align="left"  | [[Bering-uClibc 6.x - User Guide - Advanced Topics - Setting Up a Raspberry PI as a net to serial gateway|Prev]]
 +
! width="60%" align="center" | [[Bering-uClibc 6.x - User Guide]]
 +
| width="20%" align="right"  |
 +
|}
 
-----
 
-----
  
===Unpacking a signed package===
+
==Unpacking a gpg signed lrp package==
  
Starting with version 7.x , the packages in the distribution are now gpg signed. To manually extract their content, you'll have to decrypt the lrp. Start by extracting <code class="filename">initrd.lrp</code> where the signature is to be found: first go to your distribution directory:
 
  
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200
+
Starting with version 6.2 , the packages in the distribution are now gpg signed for security reasons. This implies you won't be able to unpack them the old way, which was simply doing:
 +
 
 +
tar zxvf file.lrp
 +
 
 +
It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !
 +
 
 +
Start by extracting <code class="filename">initrd.lrp</code> where the public key signature is to be found.
 +
 
 +
Go to your distribution directory and do:
 +
 
 +
  cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200
 
  mkdir initrd
 
  mkdir initrd
 
  cd initdr
 
  cd initdr
Line 19: Line 34:
 
  tar zxvf etc.tgz
 
  tar zxvf etc.tgz
  
You now have access to the package content. Make you modifications and when done, repackage the lrp with:
+
You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:
  
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200/etc
+
  cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200/etc
 
  rm etc.tgz
 
  rm etc.tgz
 
  tar -c * | gzip -9 > etc.lrp
 
  tar -c * | gzip -9 > etc.lrp
  
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but during boot you'll get a warning
+
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but, I repeat,  during boot you'll get a warning
that the <code class="filename">etc.lrp</code> has no valid signature.
+
that the <code class="filename">etc.lrp</code> has no valid signature, but it will work as expected.
  
 
-----
 
-----
 +
{| summary="Navigation footer" width="100%"
 +
| width="40%" align="left"  | [[Bering-uClibc 6.x - User Guide - Advanced Topics - Setting Up a Raspberry PI as a net to serial gateway|Prev]]
 +
| width="20%" align="center" | [[Bering-uClibc 6.x - User Guide|Up]]
 +
| width="40%" align="right"  |
 +
|}
 +
 +
[[Category:Bering-uClibc 6.x]]
 +
[[Category:User Guide]]

Revision as of 20:22, 18 December 2020

Unpacking a gpg signed lrp package
Prev Bering-uClibc 6.x - User Guide

Unpacking a gpg signed lrp package

Starting with version 6.2 , the packages in the distribution are now gpg signed for security reasons. This implies you won't be able to unpack them the old way, which was simply doing:

tar zxvf file.lrp

It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !

Start by extracting initrd.lrp where the public key signature is to be found.

Go to your distribution directory and do:

cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200
mkdir initrd
cd initdr
gzip -cd ../initrd.lrp | cpio -idmv 

now, let's decrypt and extract for instance etc.lrp...

cd ..
mkdir etc
cd etc
gpg --keyring ../initrd/root/.gnupg/LEAF_sigkeys.gpg --decrypt -o etc.tgz ../etc.lrp
tar zxvf etc.tgz

You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:

cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200/etc
rm etc.tgz
tar -c * | gzip -9 > etc.lrp

Replace the old etc.lrp in the distribution with your modified version, but, I repeat, during boot you'll get a warning that the etc.lrp has no valid signature, but it will work as expected.


Prev Up