如何安全地下载新内核?
我想为我的 ubuntu 测试一个新内核。我想要最新的稳定内核可用。我怎样才能安全地做到这一点?也就是说,没有http下载。
您可以在https://kernel.ubuntu.com/~kernel-ppa/mainline/下载内核就绪形式 Ubuntu 的最新版本
然后使用
须藤 dpkg --install *.deb
安装它
介绍
问题的关键是如何安全地做到这一点。我将这个答案分为四个部分:
- 如何找到最新的主线稳定 Ubuntu 内核
- 如何下载内核和校验和文件
- 如何验证校验和
- 如何安装新内核
如何找到最新的主线稳定 Ubuntu 内核
转到https://kernel.ubuntu.com/~kernel-ppa/mainline并单击两次修改日期。第一次按日期升序排序,第二次按降序排序。您的最新内核将位于最前面:
我对4.14.120哪个是五年的 LTS(长期支持)内核感兴趣。我将单击它并转到下一部分:
如何下载内核和校验和文件
我选择了通用软件包进行下载:
linux-headers-4.14.120-0414120_4.14.120-0414120.201905161610_all.deb
linux-headers-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
linux-image-unsigned-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
linux-modules-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
进一步向下滚动,您会发现CHECKSUM保证发布的内容是您实际收到的文件:
CHECKSUMS 2019-05-16 21:34 9.0K
CHECKSUMS.gpg 2019-05-16 21:34 473
单击两个校验和以下载它们并进入下一部分。
如何验证校验和
下载校验和链接后,请按照以下说明操作:
验证主线构建二进制文件
为了验证已发布的构建是主线构建系统所做的构建,对各个文件进行校验和并将结果作为 CHECKSUMS 发布在同一目录中。该文件又由主线构建器使用下面的 GPG 密钥进行签名,该密钥可以从 Ubuntu 密钥服务器获得:
pub 2048R/17C622B0 2008-05-01 密钥指纹 = 60AA 7B6F 3043 4AE6 8E56 9963 E50C 6A09 17C6 22B0 uid 内核 PPA
可以通过运行以下命令来完成验证:
Run Code Online (Sandbox Code Playgroud)Import the above public key to your keyring (if you haven't already done that): $ gpg --keyserver hkps://pgp.mit.edu --recv-key "60AA7B6F30434AE68E569963E50C6A0917C622B0" Download the CHECKSUMS and CHECKSUMS.gpg files from the build directory and verify if the CHECKSUMS is signed with the above key: $ gpg --verify CHECKSUMS.gpg CHECKSUMS gpg: Signature made .... using RSA key ID 17C622B0 gpg: Good signature from "Kernel PPA <kernel-ppa@canonical.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Verify the checksums of downloaded deb files: $ shasum -c CHECKSUMS 2>&1 | grep 'OK$' You should get a line ending with "OK" for each of downloaded deb file and each type of checksums that are given in the CHECKSUMS file.
我编辑了CHECKSUMS文件并删除了不相关的内核(ARM、S390、低延迟、Power PC 和 32 位),只留下上面下载的文件的校验和:
# Checksums for v4.14.120, check with the command below:
# shasum -c CHECKSUMS
#
# Checksums-Sha1:
b26b07d9ae2dcf25648dab3fe2374f6a2df219d1 COMMIT
44d09220f11394adb7067a79ce1693ed8e6e149e linux-headers-4.14.120-0414120_4.14.120-0414120.201905161610_all.deb
4cea2a7041ddf2655426f9fc4a57c39d0b6e02b8 linux-headers-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
24ae91d3d812ef2fec4527f5d2acd5d089c27cb1 linux-image-unsigned-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
194fbaae734d33ba26ec1bb631f59b1c01740a3d linux-modules-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
#
# Checksums-Sha256:
c253adc68879d07caffca5037ca997d7d2c7b74e87073093566c33e7a6a517e8 COMMIT
bf32ef3ee0b410f9264f1b6dd2349c5753ba73d02b5977d49010120ac6f1e7aa linux-headers-4.14.120-0414120_4.14.120-0414120.201905161610_all.deb
4f769f431f99cadb4c564d0da4c6231a2c593307c10c520f81b74834a6149b28 linux-headers-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
b18a6163ec0a42a598795cb181dcde86d0c59e9b9b117a1b9e5d7186e967b59a linux-image-unsigned-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
8aa8790171b9e948f2d5b0ce8c54a81d2b2bfb9d33ead499d865f841497fcabc linux-modules-4.14.120-0414120-generic_4.14.120-0414120.201905161610_amd64.deb
注意:由于某种原因,CHECKSUMS文件打开而不是下载。我不得不将文本复制并粘贴到手动创建的文件中CHECKSUMS。
如何安装新内核
假设校验和验证通过更改到您的下载目录并安装:
cd ~/Downloads # Go to our downloads directory
sudo dpkg -i *.deb # Install all four kernel .deb files downloaded
rm -f *.deb # Clean up so we don't accidentally install next time around
reboot # reboot to grub and select new kernel on Advanced Options
注意不要输入#那些用于解释目的的注释,机器会忽略它们。
| 归档时间: |
|
| 查看次数: |
713 次 |
| 最近记录: |