I am working on an embedded Linux IoT device that utilizes the aptitude interface for doing its package downloads. The packages are stored in a Debian-type Artifactory repository. This is all fairly straightforward, and Artifactory even gives you a handy guide for what deb line to add to your sources.list. Where I'm getting stuck is when calling the normal apt get update, it will fail for the CA certificate:
error setting certificate verify locations: CAfile: none CApath:
My understanding is that I need to store a .pem file somewhere, but I am not sure where that comes from (or even what to appropriately Google here). Is this something that is generated by Artifactory, or generated on the client device itself?
Is this perhaps what I'm looking for?
Using openssl to get the certificate from a server
Related
I am trying to create an online installer for a Qt6 application. In this case, it is a Python base GUI app, compiled with Nuitka.
After creating the repository and the installer itself
repogen -p packages repository
binarycreator --online-only -c config/config.xml -p packages Installer
the repo folder is filled and the installer is created. But each time I call it, I get 'Cannot retrieve distant tree'.
The question is: which remote servers are allowed, and how do I access them?
SFTP: debug mode tells me 'unsupported protocol'
FTP: connects, but asks for pw forever. Probably due to secure ftp
Google drive: seems not to work, probably because of redirections?
Nextcloud server: seems not to work, probably because of redirections?
Office365 cloud: seems not to work, probably because of redirections?
Or is the only way to configure an http server to get access to an update folder w/o pw?
The certificate provide me with the files mentioned above but I don't remember how to create a certificate file to install on iis, I remember using the openssl tool
I am trying to create a sample repo, which includes a deb file under it.
I used dpkg-scanpackages to create the repo and apt-ftparchive to create the Release file for it
When i try to configure this repo on Ubuntu 14.04 it works fine, apart from one warning that i use SHA1 instead of SHA256, but it gets installed over it
But if i try to do it over ubuntu 16.04 the apt-get command itself fails with "Hash Sum Mismatch" error
I googled it but could not exactly get as to how to create InRelease file or how to actually use the by-hash method that it ask to prefer
Any pointers as in exactly how to create repo that can use this feature will help
Thanks
-G
Apparently I am able to fix my issue.
The problem that I was hitting was because I was using an older version of apt-ftparchive and dpkg-scanpackages, which only created a MD5 hash, where as 16.04 has forced up SHA256 hash.
Updating my build setup to use the latest binary of apt-ftparchive and dpkg-scanpackages I was able to successfully create my repo and install the package.
I am trying to automate installation of CentOS 6.4 -minimal with kickstart on a DVD
Below is my kick start that was auto generated by anaconda
# Kickstart file automatically generated by anaconda.
#version=DEVEL
install
cdrom
lang en_US.UTF-8
keyboard us
network --onboot no --device eth0 --bootproto dhcp --noipv6
rootpw --iscrypted $6$.tHtXJMs5GEzyQRm$52EX5ue3UuFC/zgencUbxuvwHXIPDuLmllkuNs4NRq7/Wa7FsI8ICxwPDsy/KnzSaUfEqfBROLAv0tPMksOhA1
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --enforcing
timezone --utc America/New_York
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100
%packages --nobase
#core
%end
============================================================
The problem happens when the ks.cfg tries to install packages from Repo that is in DVD
The error I'm getting:
Unable to read package metadata. This may be due to a missing repodata directory. Please ensure that your install tree has been correctly generated.
cannot find a valid baseurl for repo:CentOS
============================================================
If this a bug, is there any other way to automate the installation ?
Is there any alternate solution to Automate the CentOS6.4 minimal?
I have tried removing the line
repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100
Problem still persists
Then I tried changing to something like this
repo --name="CentOS" --baseurl=file:///mnt/source--cost=100
Problem still persists
What am i missing to include .... ???
I've faced the same problem today, but after commenting the line it worked :)
#repo --name="CentOS" --baseurl=cdrom:sr1 --cost=100
Why don't you use system-config-kickstart gui tool for creating your own file and then use mkisofs to create your own iso too.
http://www.centos.org/docs/4/html/rhel-sag-en-4/ch-redhat-config-kickstart.html
The above link would be helpful.
Thanks & Regards,
Alok Thaker
From the RHEL 7 Kickstart documentation:
url Install from an installation tree on a remote server via FTP, HTTP, or HTTPS.
--url= - The location to install from. Supported protocols are HTTP, HTTPS, FTP, and file.
--mirrorlist= - The mirror URL to install from.
--proxy= - Specify an HTTP, HTTPS or FTP proxy to use while performing the installation.
--noverifyssl - Disable SSL verification when connecting to an HTTPS server.
You have to set url property, like:
url --url=http://mirror.centos.org/centos/7.0.1406/os/x86_64/
There are a handful of Packer templates that leverages kickstart scripts to create Centos VMs. One of those is the Bento Project.
You did not have a space between the second and third parameter:
repo --name="CentOS" --baseurl=file:///mnt/source/--cost=100
Correct:
repo --name="CentOS" --baseurl=file:///mnt/source/ --cost=100
I built subversion client (1.6.5) along with its required dependency libs on SuSe 10.
I am trying to access our central repository server over https a secured URL.
But when i run the svn checkout command giving proper credentials it gives me memory fault.
What is that i have missed in building SVN or is that something to do with set up # client side?
I run make check to confirm the subversion client build, firts 30 tests is succesful.
And also svn co over http:"URL" errs out with proper message for we do not have any repository over that URL.Does this mean the build is good but something to do with openssl library configuration?
svn --version gives what all clients it supports and found that it was supporting only http.I rebuilt the subversion with correct config options and currently has following options:
svn, version 1.6.5 (r38866)
compiled Sep 8 2009, 18:05:39
Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).
The following repository access (RA) modules are available:
ra_neon : Module for accessing a repository via WebDAV protocol using Neon.
handles 'http' scheme
handles 'https' scheme
ra_svn : Module for accessing a repository using the svn network protocol.
handles 'svn' scheme
ra_local : Module for accessing a repository on local disk.
handles 'file' scheme
ra_serf : Module for accessing a repository via WebDAV protocol using serf.
handles 'http' scheme
- handles 'https' scheme
but still no luck.I will be creating a local and http repository to check the same.
Have you tried installing a pre-built binary? Does it give you any other errors? Hard to determine your problem without more details ... plenty of people use the SVN client on SUSE Linux without any problems.
I had to rebuild openssl with "no-asm" configuration setting and subversion started working for "https" repository.