ユーザ用ツール

サイト用ツール


サイドバー

最新の10件
一覧
linux:debian:sid:linux-5.12
$ sudo apt install build-essential fakeroot gpg2
$ sudo apt build-dep linux
$ apt source linux
$ unxz ~/Downloads/linux-5.12.tar.xz
$ gpg --verify ~/Downloads/linux-5.12.tar.sign 
gpg: assuming signed data in '/home/matoken/Downloads/linux-5.12.tar'
gpg: Signature made Mon 26 Apr 2021 01:49:05 PM JST
gpg:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
gpg: Good signature from "Greg Kroah-Hartman <gregkh@linuxfoundation.org>" [unknown]
gpg:                 aka "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kroah.com>" [undefined]
gpg:                 aka "Greg Kroah-Hartman <gregkh@kernel.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 647F 2865 4894 E3BD 4571  99BE 38DB BDC8 6092 693E
$ tar tvf ~/Downloads/linux-5.12.tar | lv
$ tar xf ~/Downloads/linux-5.12.tar
$ cd linux-5.12
$ cp /boot/config-`uname -r` ./.config
$ make olddefconfig
$ make xconfig
$ make testconfig

.config

@@ -9373,7 +9375,7 @@
 #
 CONFIG_MODULE_SIG_KEY=""
 CONFIG_SYSTEM_TRUSTED_KEYRING=y
-CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/debian-uefi-certs.pem"
+CONFIG_SYSTEM_TRUSTED_KEYS=""
 # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
 CONFIG_SECONDARY_TRUSTED_KEYRING=y
 CONFIG_SYSTEM_BLACKLIST_KEYRING=y
Using your current Debian kernel configuration as a starting pointAlternatively, you can use the configuration from a Debian-built kernel that you already have installed by copying the /boot/config-* file to .config and then running make oldconfig to only answer new questions.
If you do this, ensure that you modify the configuration to set:

CONFIG_SYSTEM_TRUSTED_KEYS = ""otherwise the build may fail:



$ time make -j`nproc` bindeb-pkg
$ ls ../*5.12.0*
../linux-5.12.0_5.12.0-1_amd64.buildinfo  ../linux-headers-5.12.0_5.12.0-1_amd64.deb    ../linux-image-5.12.0_5.12.0-1_amd64.deb
../linux-5.12.0_5.12.0-1_amd64.changes    ../linux-image-5.12.0-dbg_5.12.0-1_amd64.deb  ../linux-libc-dev_5.12.0-1_amd64.deb

$ sudo apt install ../linux-image-5.12.0_5.12.0-1_amd64.deb ../linux-libc-dev_5.12.0-1_amd64.deb ../linux-headers-5.12.0_5.12.0-1_amd64.deb

$ sudo sbsign --key ~/MOK.priv --cert ~/MOK.pem /boot/vmlinuz-5.12.0 --output vmlinuz-5.11.0
$ sudo mv ./vmlinuz-5.11.0 /boot/vmlinuz-5.12.0
$ find /lib/modules/`uname -r`/updates/dkms/ -type f -print0 | xargs -0 -n1 sudo /usr/lib/linux-kbuild-5.10/scripts/sign-file sha256 ~/MOK.priv ~/M
OK.der

コメント

コメントを入力. Wiki文法が有効です:
  __  __   _  __   _  __   ___    ___ 
 / / / /  / |/ /  / |/ /  / _ )  / _ \
/ /_/ /  /    /  /    /  / _  | / ___/
\____/  /_/|_/  /_/|_/  /____/ /_/
 
linux/debian/sid/linux-5.12.txt · 最終更新: 2021/04/28 21:29 by matoken