云芯一号教程 – 搭建本地apt仓库

<center>搭建本地apt仓库</center>

  在制作deb文件的过程中,需要频繁进行安装和验证。对比用dpkg -i安装deb文件的方法,搭建一个本地的apt仓库,不仅可以方便安装多个deb文件,还可以解决依赖问题。

1.apt仓库的种类
  apt仓库可以分为两种:official archive和trivial archive。official archive是指有多个suite和多个component的仓库,而trivial archive是一种简单仓库,只有一个suite、一个 component和一个Packages文件。在apt的sources.list文件添加仓库时的命令行也有区别:

  official archive    "deb http://example.org/debian unstable main"
  trivial archive     "deb http://example.org/debian ./"

  本地apt仓库只是为了便于验证deb文件,搭建trivial archive即可。

2.准备工作
  apt仓库的搭建过程中,涉及到gpg签名,所以要先生成自己的密钥。

  jishu@Jishu:~$ sudo apt-get install gpg
  
  jishu@Jishu:~$ sudo gpg --gen-key
  gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.
   
  gpg: directory '/home/jishu/.gnupg' created
  gpg: keybox '/home/jishu/.gnupg/pubring.kbx' created
  Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
  
  GnuPG needs to construct a user ID to identify your key.
  
  Real name: <用户名>
  Email address: <邮箱>
  ......
  Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
  ......
  
  设置密钥
  
  generator a better chance to gain enough entropy.
  gpg: /home/jishu/.gnupg/trustdb.gpg: trustdb created
  gpg: key 9CC767785FB43375 marked as ultimately trusted
  gpg: directory '/home/jishu/.gnupg/openpgp-revocs.d' created
  gpg: revocation certificate stored as '/home/jishu/.gnupg/openpgp-revocs.d/E5859F5057AD22A93055A7239CC767785FB43375.rev'
  public and secret key created and signed.
  ......     

  设置密钥后如果界面被卡住了,那是因为命令生成key时,需要kernel为该程序生成足够多的随机数,手动为kernel生成随机数即可。
  打开另外一个窗口,执行以下命令:

  sudo apt-get install rng-tools
  sudo rngd -r /dev/urandom

  密钥生成后,可以通过命令查看。

  sudo gpg --list-keys

3.搭建trivial archive
  下面来实践搭建trivial archive。
  1) 准备工作,安装必要的软件

  sudo apt-get install dpkg-dev
  sudo apt install apt-utils

  2) 创建目录,把deb文件文件拷贝进去
  3) 进入目录,生成Packages文件

  dpkg-scanpackages -m . > Packages      

  4) 生成Release文件

  apt-ftparchive release . > Release

  5) 生成Release.gpg签名文件

  sudo gpg --armor --detach-sign --sign -o Release.gpg Release 

  6) 生成InRelease文件

  sudo gpg --clearsign -o InRelease Release

  7) 修改apt的sources.list文件,添加本地仓库

  sudo vim /etc/apt/sources.list
  
    ......
    deb file:/home/jishu/debs ./

  8) 更新apt,需要添加–allow-insecure-repositories参数

  jishu@Jishu:~/debs$ sudo apt-get update --allow-insecure-repositories
  Get:1 file:/home/jishu/debs ./ InRelease [1524 B]
  Get:1 file:/home/jishu/debs ./ InRelease [1524 B]
  Ign:1 file:/home/jishu/debs ./ InRelease                           
  Get:2 file:/home/jishu/debs ./ Packages [3308 B]                 
  ......
  Fetched 252 kB in 1s (182 kB/s)                                
  Reading package lists... Done
  W: GPG error: file:/home/jishu/debs ./ InRelease: The following    signatures couldn't be verified because the public key is not available: NO_PUBKEY 9CC767785FB43375
  W: The repository 'file:/home/jishu/debs ./ InRelease' is not signed.
  N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
  N: See apt-secure(8) manpage for repository creation and user configuration details.

  apt更新完成后,就可以用apt命令安装本地仓库中的软件了。

参考文档
  1. https://wiki.debian.org/Debia…
  2. https://www.jianshu.com/p/125…
  3. https://blog.iternull.com/pos…
  4. https://www.cnblogs.com/stysh…

发表评论

邮箱地址不会被公开。 必填项已用*标注

相关