Ric*_*mer 5 keyrings iso gnupg 17.10
我一直无法找到有关构建自定义 Ubuntu ISO 的明确说明。许多消息来源说我必须首先生成一个自定义版本ubuntu-keyring,我将使用它来验证 ISO 上的包。但是我发现的用于制作自定义构建的说明都没有实际工作。
示例:https : //help.ubuntu.com/community/InstallCDCustomization#Generating_a_new_ubuntu-keyring_.deb_to_sign_your_CD https://help.ubuntu.com/community/InstallCDCustomization/Scripts
到目前为止,这似乎是有效的,但我真的无法判断我这样做是否正确:
apt-get source ubuntu-keyring
cd ubuntu-keyring-*/keyrings
cat >gpg.gen <<GEN
%no-protection
Key-Type: DSA
Key-Length: 1024
Subkey-Type: ELG-E
Subkey-Length: 1024
Name-Real: Rich Remer
Name-Email: rich.remer@example.com
Expire-Date: 0
%pubring my.gpg
%commit
GEN
gpg --batch --gen-key gpg.gen
gpg --import < my.gpg 2>/dev/null
gpg --import < ubuntu-archive-keyring.gpg 2>/dev/null
my=$(gpg my.gpg | grep -A1 ^pub | grep ^\\s)
ubuntu=$(gpg ubuntu-archive-keyring.gpg | grep -A1 ^pub | grep ^\\s)
keys="$my $ubuntu"
gpg --yes --output=ubuntu-archive-keyring.gpg --export $keys
cd .. # into ubuntu-keyring source directory
此时,我尝试使用以下推荐命令使用我的密钥重建包:
dpkg-buildpackage -rfakeroot -m"Rich Remer <rich.remer@example.com>" -k$key
这会导致构建错误:
dpkg-buildpackage: info: source package ubuntu-keyring
dpkg-buildpackage: info: source version 2016.10.27
dpkg-buildpackage: info: source distribution zesty
dpkg-buildpackage: info: host architecture amd64
dpkg-source --before-build ubuntu-keyring-2016.10.27
fakeroot debian/rules clean
test -f keyrings/ubuntu-archive-keyring.gpg
rm -f foo foo.asc *.bak *~ */*~ debian/files* debian/*substvars
rm -rf debian/tmp debian/ubuntu-keyring-udeb
dpkg-source -b ubuntu-keyring-2016.10.27
dpkg-source: warning: no source format specified in debian/source/format, see dpkg-source(1)
dpkg-source: info: using source format '1.0'
dpkg-source: info: building ubuntu-keyring in ubuntu-keyring_2016.10.27.tar.gz
dpkg-source: info: building ubuntu-keyring in ubuntu-keyring_2016.10.27.dsc
debian/rules build
make: Nothing to be done for 'build'.
fakeroot debian/rules binary
test -f keyrings/ubuntu-archive-keyring.gpg
test root = "`whoami`"
gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg --decrypt SHA512SUMS.txt.asc | sha512sum -c -
keyrings/ubuntu-archive-keyring.gpg: FAILED
gpg: Signature made Thu 27 Oct 2016 07:31:05 AM PDT
gpg: using RSA key CAC2D8B9CD2CA5F9
keyrings/ubuntu-archive-removed-keys.gpg: OK
keyrings/ubuntu-keyring-2012-archive.gpg: OK
keyrings/ubuntu-keyring-2012-cdimage.gpg: OK
keyrings/ubuntu-master-keyring.gpg: OK
gpg: Good signature from "Dimitri John Ledkov <xnox@ubuntu.com>" [unknown]
gpg: aka "Dimitri John Ledkov <xnox@debian.org>" [unknown]
gpg: aka "Dimitri John Ledkov (Member, Board of Directors) <xnox@spi-inc.org>" [unknown]
gpg: aka "Dimitri John Ledkov (2015) <dimitri.ledkov@canonical.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: D764 F6CC 2AB5 9A38 B114 7D73 887B 6061 8B3C 16AE
Subkey fingerprint: 773C 99EB D0A1 1172 217A 7C3F CAC2 D8B9 CD2C A5F9
sha512sum: WARNING: 1 computed checksum did NOT match
debian/rules:88: recipe for target 'checkkeyrings' failed
make: *** [checkkeyrings] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2
我不确定我还应该做什么ubuntu-keyring来构建包。如果这很重要,这必须在无人看管的情况下执行,没有用户交互。我注意到的一件事是我正在运行 Artful Aardvark,但构建报告:info: source distribution zesty. 可能是一个红鲱鱼,或者它可能很重要。
小智 0
这对我有用:
cat ubuntu-archive-keyring.gpg | sha512sum
复制并替换为:在 ubuntu-keyring-*/SHA512SUMS.txt.asc 中的“keyrings/ubuntu-archive-keyring.gpg”之前
| 归档时间: |
|
| 查看次数: |
818 次 |
| 最近记录: |