Difference between revisions of "Bering-uClibc 6.x - User Guide - Advanced Topics - Unpacking a gpg signed lrp package"

From bering-uClibc
Jump to: navigation, search
(Unpacking a signed package)
(10 intermediate revisions by 2 users not shown)
Line 8: Line 8:
 
-----
 
-----
  
==Unpacking a signed package==
+
==Unpacking a gpg signed lrp package==
  
  
Starting with version 7.x , the packages in the distribution are now gpg signed. To manually extract their content, you'll have to decrypt the lrp. Start by extracting <code class="filename">initrd.lrp</code> where the signature is to be found.
+
Starting with version 6.2 , the packages in the distribution are now gpg signed for security reasons. This implies you won't be able to unpack them the old way, which was simply doing:
  
First go to your distribution directory:
+
tar zxvf file.lrp
  
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200
+
It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !
 +
 
 +
Start by extracting <code class="filename">initrd.lrp</code> where the public key signature is to be found.
 +
 
 +
Go to your distribution directory and do:
 +
 
 +
  cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200
 
  mkdir initrd
 
  mkdir initrd
 
  cd initdr
 
  cd initdr
Line 28: Line 34:
 
  tar zxvf etc.tgz
 
  tar zxvf etc.tgz
  
You now have access to the package content. Make you modifications and when done, repackage the lrp with:
+
You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:
  
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200/etc
+
  cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200/etc
 
  rm etc.tgz
 
  rm etc.tgz
 
  tar -c * | gzip -9 > etc.lrp
 
  tar -c * | gzip -9 > etc.lrp
  
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but during boot you'll get a warning
+
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but, I repeat,  during boot you'll get a warning
that the <code class="filename">etc.lrp</code> has no valid signature.
+
that the <code class="filename">etc.lrp</code> has no valid signature, but it will work as expected.
  
 
-----
 
-----

Revision as of 20:22, 18 December 2020

Unpacking a gpg signed lrp package
Prev Bering-uClibc 6.x - User Guide

Unpacking a gpg signed lrp package

Starting with version 6.2 , the packages in the distribution are now gpg signed for security reasons. This implies you won't be able to unpack them the old way, which was simply doing:

tar zxvf file.lrp

It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !

Start by extracting initrd.lrp where the public key signature is to be found.

Go to your distribution directory and do:

cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200
mkdir initrd
cd initdr
gzip -cd ../initrd.lrp | cpio -idmv 

now, let's decrypt and extract for instance etc.lrp...

cd ..
mkdir etc
cd etc
gpg --keyring ../initrd/root/.gnupg/LEAF_sigkeys.gpg --decrypt -o etc.tgz ../etc.lrp
tar zxvf etc.tgz

You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:

cd Downloads/Bering-uClibc_6.2.x_x86_64_syslinux_serial115200/etc
rm etc.tgz
tar -c * | gzip -9 > etc.lrp

Replace the old etc.lrp in the distribution with your modified version, but, I repeat, during boot you'll get a warning that the etc.lrp has no valid signature, but it will work as expected.


Prev Up