Archive for July 2010
openSuSE 11.1 / SLES11 and add-on repositories
Posted on Thu, Jul 15, 2010 at 13:14 by Hubertus A. Haniel
In the past you could add a file called "add_on_products" to the root of the installation source. Now this has changed to an XML format and it is called add_on_products.xml in OpenSuSE 11.1 or SLES11
<?xml version="1.0"?>
<add_on_products xmlns="http://www.suse.com/1.0/yast2ns"
xmlns:config="http://www.suse.com/1.0/configns">
<product_items config:type="list">
<product_item>
<name>11.1 updates</name>
<url>http://10.10.0.162/11.1_install/DVD1/updates</url>
<path>/</path>
<ask_user config:type="boolean">false</ask_user>
<selected config:type="boolean">true</selected>
</product_item>
<!-- Another product item -->
<product_item />
</product_items>
</add_on_products>
To be able to use the file you also have to sign it and make sure the signature is available in the installer like so:
sha1sum add_on_products.xml > SHA1SUMS
Sign it with your GPG Key:
gpg -b --sign --armor SHA1SUMS
A file SHA1SUMS.asc will be created which contains the signature for the SHA1SUMS file. That means, if you change the SHA1SUMS file from now on, you have to recreate the SHA1SUMS.asc file too.
The installer needs to know your public gpg key now, so it can check the signature of that file. You need to add your public gpg key to the initrd AND you have to store it in a file called SHA1SUMS.key. First of all you need to export your public gpg key like this:
gpg --export --armor $KEYID > SHA1SUMS.key
Now update the YaST directory listing:
ls > directory.yast
Copy the key file to a file with a gpg extension:
cp SHA1SUMS.key my-key.gpg
Now you have to add that key to the initrd in /boot/i386/loader/initrd on the DVD or on your tftp server for PXE booting. Add the key like this:
mv initrd initrd.gz gunzip initrd.gz find my-key.gpg | cpio -o -A -F initrd -H newc gzip initrd mv initrd.gz initrdEdited on: Sat, Sep 24, 2011 15:43
Posted in Automation (RSS), HowTo (RSS), System - Linux (RSS)
