Jer*_*ers 5 opensuse zypper repository
我有两个几乎相同的 openSuSE 12.3 虚拟机,snip以及snap.
今天更新时,一个要求确认一个新的repository or package signing key,另一个没有。
我想确保我没有做错任何事情(以防万一其中一个以一种或另一种方式受到损害),特别是因为系统不要求密钥表明所有存储库都是最新的。
所以:
系统要求信任密钥:
snap:/home/jeroenp # zypper repos -d
# | Alias | Name | Enabled | Refresh | Priority | Type | URI | Service
---+---------------------------+------------------------------------+---------+---------+----------+--------+-------------------------------------------------------------------------------------------------+--------
1 | Security_-_openSUSE_12.3 | Security - openSUSE 12.3 | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/repositories/security/openSUSE_12.3/ |
2 | openSUSE-12.3-1.6 | openSUSE-12.3-1.6 | Yes | No | 99 | yast2 | cd:///?devices=/dev/disk/by-id/ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001,/dev/sr0 |
3 | repo-debug | openSUSE-12.3-Debug | No | Yes | 99 | NONE | http://download.opensuse.org/debug/distribution/12.3/repo/oss/ |
4 | repo-debug-update | openSUSE-12.3-Update-Debug | No | Yes | 99 | NONE | http://download.opensuse.org/debug/update/12.3/ |
5 | repo-debug-update-non-oss | openSUSE-12.3-Update-Debug-Non-Oss | No | Yes | 99 | NONE | http://download.opensuse.org/debug/update/12.3-non-oss/ |
6 | repo-non-oss | openSUSE-12.3-Non-Oss | Yes | Yes | 99 | yast2 | http://download.opensuse.org/distribution/12.3/repo/non-oss/ |
7 | repo-oss | openSUSE-12.3-Oss | Yes | Yes | 99 | yast2 | http://download.opensuse.org/distribution/12.3/repo/oss/ |
8 | repo-source | openSUSE-12.3-Source | No | Yes | 99 | NONE | http://download.opensuse.org/source/distribution/12.3/repo/oss/ |
9 | repo-update | openSUSE-12.3-Update | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/update/12.3/ |
10 | repo-update-non-oss | openSUSE-12.3-Update-Non-Oss | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/update/12.3-non-oss/ |
snap:/home/jeroenp # zypper update
Retrieving repository 'Security - openSUSE 12.3' metadata ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------[\]
New repository or package signing key received:
Key ID: 69D1B2AAEE3D166A
Key Name: security OBS Project <security@build.opensuse.org>
Key Fingerprint: AAF3EB044C49C402A9E7B9AE69D1B2AAEE3D166A
Key Created: Mon May 26 11:04:43 2014
Key Expires: Wed Aug 3 11:04:42 2016
Repository: Security - openSUSE 12.3
Do you want to reject the key, trust temporarily, or trust always? [r/t/a/? shows all options] (r): ^Csnap:/home/jeroenp # ^C
snap:/home/jeroenp #
系统不要求信任密钥:
snip:/home/jeroenp # zypper repos -d
# | Alias | Name | Enabled | Refresh | Priority | Type | URI | Service
---+---------------------------+------------------------------------+---------+---------+----------+--------+-------------------------------------------------------------------------------------------------+--------
1 | Security_-_openSUSE_12.3 | Security - openSUSE 12.3 | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/repositories/security/openSUSE_12.3/ |
2 | openSUSE-12.3-1.6 | openSUSE-12.3-1.6 | Yes | No | 99 | yast2 | cd:///?devices=/dev/disk/by-id/ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001,/dev/sr0 |
3 | repo-debug | openSUSE-12.3-Debug | No | Yes | 99 | NONE | http://download.opensuse.org/debug/distribution/12.3/repo/oss/ |
4 | repo-debug-update | openSUSE-12.3-Update-Debug | No | Yes | 99 | NONE | http://download.opensuse.org/debug/update/12.3/ |
5 | repo-debug-update-non-oss | openSUSE-12.3-Update-Debug-Non-Oss | No | Yes | 99 | NONE | http://download.opensuse.org/debug/update/12.3-non-oss/ |
6 | repo-non-oss | openSUSE-12.3-Non-Oss | Yes | Yes | 99 | yast2 | http://download.opensuse.org/distribution/12.3/repo/non-oss/ |
7 | repo-oss | openSUSE-12.3-Oss | Yes | Yes | 99 | yast2 | http://download.opensuse.org/distribution/12.3/repo/oss/ |
8 | repo-source | openSUSE-12.3-Source | No | Yes | 99 | NONE | http://download.opensuse.org/source/distribution/12.3/repo/oss/ |
9 | repo-update | openSUSE-12.3-Update | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/update/12.3/ |
10 | repo-update-non-oss | openSUSE-12.3-Update-Non-Oss | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/update/12.3-non-oss/ |
snip:/home/jeroenp # zypper update
Loading repository data...
Reading installed packages...
The following package update will NOT be installed:
libudev0
Nothing to do.
snip:/home/jeroenp # snip:/home/jeroenp # zypper refreshRepository 'Security - openSUSE 12.3' is up to date.
Repository 'openSUSE-12.3-1.6' is up to date.
Repository 'openSUSE-12.3-Non-Oss' is up to date.
Repository 'openSUSE-12.3-Oss' is up to date.
Repository 'openSUSE-12.3-Update' is up to date.
Repository 'openSUSE-12.3-Update-Non-Oss' is up to date.
All repositories have been refreshed.
snip:/home/jeroenp #
在openSuSE 论坛上,用户Robi Listas给出了一个答案,我完成了这个答案。总结如下:
Zypper 不会公开密钥的位置,但 openSuSE 上的存储库密钥文件位于您可以通过的列表中的/var/cache/zypp/raw/*/repodatawhere*是存储库的别名zypper repos。
我根据Tojaj 的脚本编写了一个小型 bash repomd_test.sh脚本,您可以为每个目录这样调用:repodata
for d in /var/cache/zypp/raw/*/repodata; do ~/repomd_test.sh $d; done
每个目录都有三个文件:
repomd.xml签名的存储库文件(这是 XML)repomd.xml.ascASCII“装甲”签名repomd.xmlrepomd.xml.keyrepomd.xml.asc用于创建签名的ASCII 公钥然后对于 repodata,它将添加repomd.xml.key到密钥环,然后验证确实repomd.xml对应于repomd.xml.asc签名并打印指纹和元信息(例如过期)。
| 归档时间: |
|
| 查看次数: |
5451 次 |
| 最近记录: |