Difference between revisions of "Bering-uClibc 6.x - User Guide - Advanced Topics - Unpacking a gpg signed lrp package"

From bering-uClibc
Jump to: navigation, search
(Unpacking a gpg signed lrp package)
(Unpacking a gpg signed lrp package)
Line 11: Line 11:
  
  
Starting with version 6.2 , the packages in the distribution are now gpg signed. To manually extract their content, you'll have to decrypt the lrp. Start by extracting <code class="filename">initrd.lrp</code> where the signature is to be found.  
+
Starting with version 6.2 , the packages in the distribution are now gpg signed. This implies you won't be able to unpack them the old way, which was simply changing the package extension .lrp to .tgz and doing a "tar zxvf" on the .tgz . This is done in the name of security.  
  
First go to your distribution directory:  
+
It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !
 +
 
 +
Start by extracting <code class="filename">initrd.lrp</code> where the signature is to be found.
 +
 
 +
Go to your distribution directory and do:  
  
 
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200
 
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200
Line 28: Line 32:
 
  tar zxvf etc.tgz
 
  tar zxvf etc.tgz
  
You now have access to the package content. Make you modifications and when done, repackage the lrp with:
+
You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:
  
 
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200/etc
 
  cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200/etc
Line 34: Line 38:
 
  tar -c * | gzip -9 > etc.lrp
 
  tar -c * | gzip -9 > etc.lrp
  
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but during boot you'll get a warning
+
Replace the old <code class="filename">etc.lrp</code> in the distribution with your modified version, but, I repeat,  during boot you'll get a warning
 
that the <code class="filename">etc.lrp</code> has no valid signature, but it will work as expected.
 
that the <code class="filename">etc.lrp</code> has no valid signature, but it will work as expected.
  

Revision as of 04:23, 26 August 2020

Unpacking a gpg signed lrp package
Prev Bering-uClibc 6.x - User Guide

Unpacking a gpg signed lrp package

Starting with version 6.2 , the packages in the distribution are now gpg signed. This implies you won't be able to unpack them the old way, which was simply changing the package extension .lrp to .tgz and doing a "tar zxvf" on the .tgz . This is done in the name of security.

It is still possible to access the content of the lrp, to make you personal changes, but you'll have to do some more steps to manually extract them, you'll have to decrypt the lrp first. Once your modifications are done, repackage the lrp as before, you will only get a warning at reboot that the package does not have a valid signature, but it will work as expected, unless your changes broke it :-( !

Start by extracting initrd.lrp where the signature is to be found.

Go to your distribution directory and do:

cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200
mkdir initrd
cd initdr
gzip -cd ../initrd.lrp | cpio -idmv 

now, let's decrypt and extract for instance etc.lrp...

cd ..
mkdir etc
cd etc
gpg --keyring ../initrd/root/.gnupg/LEAF_sigkeys.gpg --decrypt -o etc.tgz ../etc.lrp
tar zxvf etc.tgz

You now have access to the package content. Make you modifications and when done, repackage the lrp the usual way with:

cd Downloads/Bering-uClibc_7.x.x_x86_64_syslinux_serial115200/etc
rm etc.tgz
tar -c * | gzip -9 > etc.lrp

Replace the old etc.lrp in the distribution with your modified version, but, I repeat, during boot you'll get a warning that the etc.lrp has no valid signature, but it will work as expected.


Prev Up