Jump to content

Recommended Posts

Posted
On 5/22/2020 at 3:24 AM, belfastraven said:

Do you have a preference that a different tool be used?   


As @Werner already pointed out - no tool for uncompressing is needed. This step was removed so it would be nice that we don't confuse people and telling them to unpack 7z file which is nowhere to be found from now on. Also checking SHA and PGP signature has been changed ... 

 

@5kft Great job!

 

I had some idle time, so I added C4 legacy since it arrived yesterday to the desk. Mainline still hangs at reboot, this one doesn't :) Perhaps someone would be happy.

https://github.com/armbian/build/pull/1983

Posted

OK sorry--brain obviously not working.  So am I understanding correctly that three files will need to be downloaded,  the .img.xz,  the .asc.  and the .sha  and that the new way of  checking authentity and validating  are

 

gpg --verify "some-name".img.asc

 

sha256sum --check "some-name".img.sha ?

 

Also,  the page I saw only mentioned etcher and not USBImager.  SHould it also mention USBImager?    

Could someone point me to a download that has everything in place for the new system:  I'd like to test what I am writing.   I normally build things and when I tried to download some RockPro64 files I was getting Nginx errors for the SAH and ASC files.   Any board with the new setup will do,  its just for documentation testing purposes....

thanks.  

 

 

 

 

 

Posted
5 hours ago, belfastraven said:

OK sorry--brain obviously not working.


In the moment of replying to this mine are also not working yet :P

 

Before:
One 7z archive: image, signature and sha packed in


Now:
Three files: image.gz, signature and sha

 

5 hours ago, belfastraven said:

checking authentity and validating  are

 

5 hours ago, belfastraven said:

Could someone point me to a download that has everything in place for the new system

 

https://www.armbian.com/odroid-c4/
Yes, I also do at least one experiment. This will not change in the future just like that.

 

5 hours ago, belfastraven said:

Also,  the page I saw only mentioned etcher and not USBImager.  SHould it also mention USBImager? 


Yes. 

Here is already changed (even I think we don't use this document at the download pages anymor):
https://github.com/armbian/documentation/blob/master/docs/User-Guide_Getting-Started-Download-Page.md

 

Not changed in main document:
https://github.com/armbian/documentation/blob/master/docs/User-Guide_Getting-Started.md

 

and elsewhere where we had this info. If anywhere.

 

 

Posted

@Igor  one last issue.  When I downloaded  the odroid 4c files ,(The .img.xz, .asc and .sha for bionic current desktop) I realized that no program that i can find will verify/validate the download or authenticity of the xz when the sha or asc generation is run against the uncompressed image  , which seems to have been the case.   

 

Is it possible to generate the sha and asc file using the .img.xz files?  If not,  is it the intention the users should uncompress the xz files before running the checks?   They obviously don't need to do that to write the file with Etcher or USBImager.  Once I know what the intention is here,  I can finish this piece of documentation.    By the way, those builds seemed to be using 20.02.  When I build locally,  the build does seem to use 20.05.   I found (grep is my friend)  that I could specify xz on the COMPRESS_IMAGE

build parameter but it does seem that the sha and asc files are generated from the .img file, not the compressed file....but shell scripts are not my strong point....

 

 

 

Posted
6 hours ago, belfastraven said:

is it the intention the users should uncompress the xz files before running the checks?

 

General intention is to make it simple for users. Current way its not so I agree we need to fix this - files can be generated for a compressed image.

 

6 hours ago, belfastraven said:

Once I know what the intention is here,  I can finish this piece of documentation. 


OK. Lets fix this prior.
 

6 hours ago, belfastraven said:

build parameter but it does seem that the sha and asc files are generated from the .img file, not the compressed file....but shell scripts are not my strong point.

 

https://github.com/armbian/build/blob/master/lib/debootstrap.sh#L628-L683

Posted

hi - just a quick question - Kagu will be based on LTS kernel 5.4 ( dkms wireguard ) or is it being bumped to 5.6 ( wireguard built in ) for all stable images ( thus not dev )? 

Posted
2 hours ago, dolphs said:

hi - just a quick question - Kagu will be based on LTS kernel 5.4 ( dkms wireguard ) or is it being bumped to 5.6 ( wireguard built in ) for all stable images ( thus not dev )?


Wireguard is build in all kernels regardless of kernel version for some time. This problem is only everywhere else :)

 

Some kernels will remain on 5.4.y some will be moved forward. You can check sources how things are set - we are only making small changes and bug fixes.

Posted

@Igor (and anyone else who wants to weigh in on the changes for xz compression)

 

Could you take a look here https://github.com/belfastraven/build/blob/pre-new-doc/lib/debootstrap.sh  at the section toward which you pointed me.  This now will do compression first and then the shasum and gpg stuff.  The shasum stuff is working (I tried it twice :-) )   I left "the "yes" option and the "no compression" options the way they were.  I wasn't sure  what everyone wanted --whether we should  now use  xz,sha,gpg by default, or what.  I was not able to properly test the asc file generation because I am apparently not setting GPG_PASS properly.   Perhaps I will figure that out tomorrow.

 

I realize that I propabably should have given the branch the Atlassian assignment number.  I'll do better next time....

 

 

Posted
7 hours ago, belfastraven said:

I realize that I propabably should have given the branch the Atlassian assignment number.  I'll do better next time....


Create a pull request. Its easier to review and comment. On a quick compare / scan looks fine. 

 

7 hours ago, belfastraven said:

we should  now use  xz,sha,gpg by default, or what


Other & older options should remain functional even we change our defaults. There are several projects that uses this script and we don't need to change their defaults. 

 

7 hours ago, belfastraven said:

Perhaps I will figure that out tomorrow.


Tomorrow I plan to push out a release of 20.05 ... not sure when it will have next larger time slot and we are closing .05 ... 

Posted

@igor,  I'm very glad you finished it--I don't think anyone wants me to mess around with the build system:lol:.

I am back to working on the doc.  I'm trying to determine the best tool to use on windows to shasum the xz file.  certutil, e.g. expects the user to compare the hashes (not very friendly, I think) , Microsoft has a tool which I haven't tried yet, but will try tonight.   

 

Also,  the doc still says  builds for supported desktops are bionic and buster--wasn't sure that was still true.  

 

 

This is where I am currently,  if anyone wants to look:  https://github.com/belfastraven/documentation/blob/patch-2/docs/User-Guide_Getting-Started.md

 

If I check tomorrow,  I'm assuming that I will see the newly generated dowload files?  I will test again.

 

P.S.  I'm just trying to help.  I am never offended about code, documentation changes, etc.   I dual boot my desktop Ubuntu and Windows, but don't have a Mac,  so when this is finalized, perhaps someone with a Mac can test....

Posted
43 minutes ago, belfastraven said:

I don't think anyone wants me to mess around with the build system

 

You are welcome. We do a review before we merge which means its hard to mess up ;) 

 

45 minutes ago, belfastraven said:

the doc still says  builds for supported desktops are bionic and buster--wasn't sure that was still true. 


Focal is also supported now, buster and bionic remains.

 

46 minutes ago, belfastraven said:

This is where I am currently


Make a pull request so we can review the document directly. You can anyway continue to work on your local branch. When review is done, we pull it in.

 

48 minutes ago, belfastraven said:

If I check tomorrow,  I'm assuming that I will see the newly generated dowload files?  I will test again.


Plan is to make rebuild tomorrow. We will see. I already made this test builds (Cubox-i) with changed script.

 

51 minutes ago, belfastraven said:

I'm just trying to help.  I am never offended about code, documentation changes, etc.   I dual boot my desktop Ubuntu and Windows, but don't have a Mac,  so when this is finalized, perhaps someone with a Mac can test....


Appreciated!

Posted

@Igor,  I've been playing with the Cubox builds and everything is working well.    On WIndows,   I am thinking about suggesting the built-in powershell tool Get-FIlehash for verification  and  explaining how to write the hash into a file to  check it.     gnupg,  which installs gpg,  and gpg4win,  its windows graphic frontend with extra bells and whistles, work fine for authentication,  and the command line  use is the same as on linux.    If we have any windows experts here who would like to weigh in,  I'd love to here from them.   Of course,  if people are running WSL ,   they can just do this with the linux commands anyway...

 

I will see what I come up with over the weekend and THEN make the pull request. :-)

 

 

  • Igor unpinned this topic
Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines