Blastwave™ · Open Source Software for Solaris™ and OpenSolaris™
New GPG Key for Blastwave
Special Notice: The old GPG key for Blastwave.org has been expired. It is no longer valid. Any software catalog signed with the old key should not be trusted, and the only key that is valid is posted here, at Blastwave.org: Blastwave Software (Blastwave.org Inc.) <software@blastwave.org> GPG Key:
Use the following process to update your GPG key correctly:
# uname -a
SunOS fossil 5.8 Generic_117350-54 sun4m sparc SUNW,SPARCstation-20
# cat /etc/release
Solaris 8 2/04 s28s_hw4wos_05a SPARC
Copyright 2004 Sun Microsystems, Inc. All Rights Reserved.
Assembled 08 January 2004
# /opt/csw/bin/gpg --keyserver pgp.mit.edu --recv-keys A1999E90
gpg: requesting key A1999E90 from hkp server pgp.mit.edu
gpg: key A1999E90: public key "Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
You now have the correct key in place, but the question remains: do you trust that key? Do the following to trust the new GPG key from Blastwave.org:
# /opt/csw/bin/gpg --edit-key A1999E90
gpg (GnuPG) 1.4.8; Copyright (C) 2007 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 1024D/A1999E90 created: 2008-08-17 expires: 2011-08-17 usage: SC
trust: unknown validity: unknown
sub 2048g/E4845389 created: 2008-08-17 expires: 2011-08-17 usage: E
[ unknown] (1). Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>
Command> trust
pub 1024D/A1999E90 created: 2008-08-17 expires: 2011-08-17 usage: SC
trust: unknown validity: unknown
sub 2048g/E4845389 created: 2008-08-17 expires: 2011-08-17 usage: E
[ unknown] (1). Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
pub 1024D/A1999E90 created: 2008-08-17 expires: 2011-08-17 usage: SC
trust: ultimate validity: unknown
sub 2048g/E4845389 created: 2008-08-17 expires: 2011-08-17 usage: E
[ unknown] (1). Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>
Please note that the shown key validity is not necessarily correct
unless you restart the program.
Command> quit
#
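The session above fetches the key by its 8-digit short ID and then sets ultimate trust. As an added example (not part of the original Blastwave page), this is the check that belongs between those two steps: compare the imported key's full 40-digit fingerprint with a value obtained out of band, because different keys can share a short ID. The fingerprints, the listing helper and the function names are constructed for illustration; the real fingerprint is not given on this page.

```shell
#!/bin/sh
# Added example. Fingerprints are constructed placeholders, NOT Blastwave's key.

# Read `gpg --with-colons --fingerprint KEYID` output on stdin and print the
# primary key's fingerprint (field 10 of the first "fpr" record after "pub").
primary_fpr() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# Strip spaces and upper-case, so a fingerprint copied from a web page or
# e-mail compares equal to gpg's machine-readable form.
norm_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'abcdef' 'ABCDEF'
}

# Last 8 hex digits: the short key ID used with --recv-keys above.
short_id() {
    norm_fpr "$1" | sed 's/.*\(........\)$/\1/'
}

# check_key PINNED_FPR < colon-listing
# 0 = full fingerprint matches, 1 = mismatch, 2 = no usable fingerprint found.
check_key() {
    want=$(norm_fpr "$1")
    got=$(norm_fpr "$(primary_fpr)")
    case "$got" in ''|*[!0-9A-F]*) return 2 ;; esac
    [ "${#got}" -eq 40 ] || return 2
    [ "$got" = "$want" ]
}

# Constructed sample data: two different keys that share short ID A1999E90.
PINNED='0123 4567 89AB CDEF 0123  4567 89AB CDEF A199 9E90'
LOOKALIKE_FPR='FEDCBA9876543210FEDCBA9876543210A1999E90'
listing() {   # listing FPR -> minimal colon-format key listing (constructed)
    printf 'pub:-:1024:17:%s:2008-08-17:2011-08-17::-:::scSC:\n' "$(norm_fpr "$1" | cut -c25-40)"
    printf 'fpr:::::::::%s:\n' "$(norm_fpr "$1")"
    printf 'uid:-::::2008-08-17::::Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>:\n'
}

for fpr in "$PINNED" "$LOOKALIKE_FPR"; do
    if listing "$fpr" | check_key "$PINNED"; then
        echo "$(short_id "$fpr"): fingerprint matches pinned value"
    else
        echo "$(short_id "$fpr"): fingerprint MISMATCH, do not set trust"
    fi
done
```

On a live system the input would come from /opt/csw/bin/gpg --with-colons --fingerprint A1999E90 piped into check_key, with the pinned value taken from a source other than the keyserver.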
You now have a new key in place and it is trusted. The next step is to ensure that you are getting software from the correct place.
# vi /opt/csw/etc/pkg-get.conf
url=http://blastwave.network.com/csw/unstable
# If you are behind a firewall, set one of these as appropriate
#ftp_proxy=http://your-proxy:8023
#http_proxy=http://your-proxy:8023
#export http_proxy ftp_proxy
# Solaris 10: If you wish to limit pkg-get to installing packages
# ONLY to the global zone, then uncomment this line
#PKGADDFLAGS=-G
# pkg-get defaults to downloading to /var/run/[special]
# Note that it MUST HAVE $$ -- tempdir MUST BE UNIQUE TO EACH PROCESS
# PKGGET_DOWNLOAD_DIR=/some/large/dir/pkg-get.$$
PKGGET_DOWNLOAD_DIR=/var/spool/pkg-get/pkg-get.$$
# To disable use of gpg or md5, uncomment these
#use_gpg=false
#use_md5=false
~
~
~
"/opt/csw/etc/pkg-get.conf" 15 lines, 645 characters
#
You will now be able to fetch a new catalog from the primary mirror at http://blastwave.network.com/ thus:
# /opt/csw/bin/pkg-get -U
Getting catalog...
--2008-08-24 12:40:50-- http://blastwave.network.com/csw/unstable/sparc/5.8/catalog
Resolving blastwave.network.com... 64.79.150.209
Connecting to blastwave.network.com|64.79.150.209|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 356110 (348K) [text/plain]
Saving to: `catalog'
0K ..... 100% 127K=2.7s
2008-08-24 12:40:54 (127 KB/s) - `catalog' saved [356110/356110]
gpg: Signature made Wed Aug 20 19:34:15 2008 EDT using DSA key ID A1999E90
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2011-08-17
gpg: Good signature from "Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>"
Updating catalog file
/var/pkg-get/catalog-blastwave.network.com updated
--2008-08-24 12:40:58-- http://blastwave.network.com/csw/unstable/sparc/5.8/descriptions
Resolving blastwave.network.com... 64.79.150.209
Connecting to blastwave.network.com|64.79.150.209|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 96948 (95K) [text/plain]
Saving to: `descriptions'
0K . 100% 67.3K=1.4s
2008-08-24 12:40:59 (67.3 KB/s) - `descriptions' saved [96948/96948]
Updated description file
#
You can see what software is out of date on your system thus:
# /opt/csw/bin/pkg-get -c | grep -v Not | grep -v SAME
# (From site http://blastwave.network.com/csw/unstable )
software localrev remoterev
aalib 1.4.0,REV=2004.10.15_rev=rc5 1.4.0,REV=2008.04.13_rev=rc5
bash 3.2,REV=2007.12.18 3.2,REV=2008.06.02
dbus_glib 0.73,REV=2007.06.10 0.74,REV=2008.06.02
firefox 2.0.0.9,REV=2007.11.11 2.0.0.12,REV=2008.02.10
ghostscript 8.61 8.62,REV=2008.04.15
glib2 2.14.2 2.16.3
gtk2 2.12.3 2.12.3,REV=2008.06.11
libdbus 1.0.2,REV=2007.06.10 1.2.1,REV=2008.06.02
libgcrypt 1.4.0 1.4.1,REV=2008.05.27
libpango 2.19.0 1.19.1
mercurial 0.9.5,REV=2008.02.09 1.0,REV=2008.04.03
mesalibs 7.0.2 7.0.3
openssh 4.7,REV=2007.12.26_rev=p1 5.0,REV=2008.04.30_rev=p1
openssl 0.9.8g,REV=2008.03.22_rev=g 0.9.8g,REV=2008.04.30_rev=g
pca 20080311.01,REV=2008.03.11 20080729.01,REV=2008.07.31
png 1.2.25,REV=2008.02.19 1.2.29,REV=2008.05.08
poppler 0.6.2,REV=2007.12.01 0.8.0,REV=2008.04.12
schilyutils 1.02,REV=2007.06.25 1.02,REV=2008.04.29
star 1.5a80,REV=2007.06.25 1.5,REV=2008.04.29
#
New Software catalogs are in place at http://blastwave.network.com/csw
Mirror Site Overview and information
You must choose a mirror site to obtain the packages from. The site www.blastwave.org does not serve package downloads directly.
Blastwave Software Stack
The Blastwave Software Stack (simply “the stack”) is broken into three main trees of software packages. The first tree is called “unstable” and it changes frequently. Software packages are continually being updated and released to the public via the “unstable” tree. The next tree is called “stable” and it will only change after release engineering has checked and reviewed all bugs filed against all software packages. There is also an internal tree simply called “testing” and it is used for QA processes before a package enters the “unstable” tree.
Our current release manager is James Lee and he works closely with numerous others to ensure that only qualified software may enter the “stable” tree. The “stable” tree will change only when a complete release is ready. At most this will be four times a year, depending on various factors.
You must install pkg-get and then configure /opt/csw/etc/pkg-get.conf to download software from a mirror listed below. Simply add either "/unstable" or "/stable" to the end of one of the URLs listed below and then use pkg-get to install software. Take note that if you use the “stable” tree then you may be a few months behind in software package versions, the tradeoff being that you get packages that don't have as many bugs (often none) filed against them. James Lee does a great job of migrating only packages with a low or zero bug count into the stable tree.
The best way to access a mirror site for individual machines is via the pkg-get script, which will install a package and all its dependencies (although you may also choose to download and install packages manually).
Current public mirrors
Primary Mirror Sites and Download Sites :
GPG public key
Here is the current blastwave.org public key, which is used to sign the catalog files to verify package integrity across mirror sites. This ensures that the md5 hashes are not tampered with, which in turn ensures that the binaries themselves are not altered.
gpg verification is optional. However, if you have gpg installed [via "pkg-get install gnupg"], pkg-get will attempt to verify the catalog. If you wish to have the catalog file (with its list of checksums for each package) verified by gpg, then you should save this page and add the public key to your root "keyring". E.g.:
# /opt/csw/bin/gpg --keyserver pgp.mit.edu --recv-keys A1999E90
gpg: requesting key A1999E90 from hkp server pgp.mit.edu
gpg: key A1999E90: public key "Blastwave Software (Blastwave.org Inc.) <software@blastwave.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
If you have gpg installed, but do NOT wish gpg verification to take place, you must set "
Blastwave is a trademark of Blastwave.org Inc. in the United States and Canada. OpenSolaris and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.
UNIX is a registered trademark in the United States and other countries, exclusively licensed through X/Open Company, Ltd.
All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the United States and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.
All other logos and trademarks are registered through their respective owners.
©2002-2008 Blastwave.org Inc.
See “Terms of Use”
Sun™ Logo and OpenSolaris™ Published with Permission from Sun Microsystems, Inc.
Please also note our Privacy Policy