On Fri, 9 Jan 2009, Nicolaus Millin wrote:
Steffen Winterfeldt schrieb:
On Thu, 8 Jan 2009, Nicolaus Millin wrote:
<snip> > > No idea about the product creator but you can boot with 'linuxrc.debug=2' > and will get the gpg messages on console 3. (Or log to a file with > 'linuxrc.log=/foo'.)
I get many lines and at the bottom of it -----> gpg: Signature made Thu Jan 8 19:56:00 2009 UTC using DSA key ID 99BB9231 gpg: Can't check signature: No public key <-----
Installation works without problem if I use
insecure=1
So I didn't sign linuxrc correctly or did not merge my key with the keyring or did not create my key in a correct way?
A "gpg --list-secret-keys info@xxxxxx.xx" gives -----> 1sec 1024D/99BB9231 2009-01-03 uid Nicolaus Millin (VorKon) info@xxxxxx.xx <-----
Maybe I'm missing a self signature here as well? This key was created from yast-product-creator.
The key must be in '/installkey.gpg' in the initrd. Please check that it's there.
Steffen
Steffen Winterfeldt schrieb:
On Fri, 9 Jan 2009, Nicolaus Millin wrote:
Steffen Winterfeldt schrieb:
<snip>
Maybe I'm missing a self signature here as well? This key was created from yast-product-creator.
The key must be in '/installkey.gpg' in the initrd. Please check that it's there.
Thanks for the hint. It took me a while to figure it out ;-). At last I found what I needed in the source of installation-images-11.53/Makefile.
In the makeSUSEdvd subroutine PUT_KEY_IN_INITRD one should add the lines
-----> gpg --trust-model always \ --keyring ./installkey.gpg \ --no-default-keyring \ --import ./pubring.gpg &>/dev/null <-----
and
-----> echo "installkey.gpg" | cpio -o -c -A -F "${INITRD}.uncomp" && <-----
Maybe this isn't the way how this should be done, but it works for me :-). I can create a remastered DVD now. As I said before the documentation (I know of) does not have the above, so maybe someone else will find this useful.
Best regards
Nico
Steffen
-
Nicolaus Millin -
Steffen Winterfeldt