<center>搭建本地apt仓库</center>
在制作deb文件的过程中,需要频繁进行安装和验证。对比用dpkg -i安装deb文件的方法,搭建一个本地的apt仓库,不仅可以方便安装多个deb文件,还可以解决依赖问题。
1.apt仓库的种类
apt仓库可以分为两种:official archive和trivial archive。official archive是指有多个suite和多个component的仓库,而trivial archive是一种简单仓库,只有一个suite、一个 component和一个Packages文件。在apt的sources.list文件添加仓库时的命令行也有区别:
official archive "deb http://example.org/debian unstable main"
trivial archive "deb http://example.org/debian ./"
本地apt仓库只是为了便于验证deb文件,搭建trivial archive即可。
2.准备工作
apt仓库的搭建过程中,涉及到gpg签名,所以要先生成自己的密钥。
jishu@Jishu:~$ sudo apt-get install gpg
jishu@Jishu:~$ sudo gpg --gen-key
gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/home/jishu/.gnupg' created
gpg: keybox '/home/jishu/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: <用户名>
Email address: <邮箱>
......
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
......
设置密钥
generator a better chance to gain enough entropy.
gpg: /home/jishu/.gnupg/trustdb.gpg: trustdb created
gpg: key 9CC767785FB43375 marked as ultimately trusted
gpg: directory '/home/jishu/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/home/jishu/.gnupg/openpgp-revocs.d/E5859F5057AD22A93055A7239CC767785FB43375.rev'
public and secret key created and signed.
......
设置密钥后如果界面被卡住了,那是因为命令生成key时,需要kernel为该程序生成足够多的随机数,手动为kernel生成随机数即可。
打开另外一个窗口,执行以下命令:
sudo apt-get install rng-tools
sudo rngd -r /dev/urandom
密钥生成后,可以通过命令查看。
sudo gpg --list-keys
3.搭建trivial archive
下面来实践搭建trivial archive。
1) 准备工作,安装必要的软件
sudo apt-get install dpkg-dev
sudo apt install apt-utils 2) 创建目录,把deb文件文件拷贝进去
3) 进入目录,生成Packages文件
dpkg-scanpackages -m . > Packages 4) 生成Release文件
apt-ftparchive release . > Release5) 生成Release.gpg签名文件
sudo gpg --armor --detach-sign --sign -o Release.gpg Release
6) 生成InRelease文件
sudo gpg --clearsign -o InRelease Release
7) 修改apt的sources.list文件,添加本地仓库
sudo vim /etc/apt/sources.list
......
deb file:/home/jishu/debs ./
8) 更新apt,需要添加--allow-insecure-repositories参数
jishu@Jishu:~/debs$ sudo apt-get update --allow-insecure-repositories
Get:1 file:/home/jishu/debs ./ InRelease [1524 B]
Get:1 file:/home/jishu/debs ./ InRelease [1524 B]
Ign:1 file:/home/jishu/debs ./ InRelease
Get:2 file:/home/jishu/debs ./ Packages [3308 B]
......
Fetched 252 kB in 1s (182 kB/s)
Reading package lists... Done
W: GPG error: file:/home/jishu/debs ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9CC767785FB43375
W: The repository 'file:/home/jishu/debs ./ InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
apt更新完成后,就可以用apt命令安装本地仓库中的软件了。
参考文档
1. https://wiki.debian.org/Debia...
2. https://www.jianshu.com/p/125...
3. https://blog.iternull.com/pos...
4. https://www.cnblogs.com/stysh...
