Changeset 9638fe8a for postlfs/security
- Timestamp:
- 08/13/2014 10:19:22 AM (10 years ago)
- Branches:
- systemd-11177
- Children:
- 617baad
- Parents:
- 03ada6dd
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/gnupg2.xml
r03ada6dd r9638fe8a 7 7 <!ENTITY gnupg2-download-http " "> 8 8 <!ENTITY gnupg2-download-ftp "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-&gnupg2-version;.tar.bz2"> 9 <!ENTITY gnupg2-md5sum " 048d8de797125f1d8e6cf3bdff9e2d12">9 <!ENTITY gnupg2-md5sum "fa7e704aad33eb114d1840164455aec1"> 10 10 <!ENTITY gnupg2-size "4.2 MB"> 11 <!ENTITY gnupg2-buildsize " 67 MB (additional 1 MB for the tests)">11 <!ENTITY gnupg2-buildsize "91 MB (with tests and optional documentation)"> 12 12 <!ENTITY gnupg2-time "0.6 SBU (additional 0.5 SBU for the tests)"> 13 13 ]> … … 30 30 <title>Introduction to GnuPG</title> 31 31 32 <para>The <application>GnuPG</application> package is GNU's tool for 33 secure communication and data storage. It can be used to encrypt data and 34 to create digital signatures. It includes an advanced key management 35 facility and is compliant with the proposed OpenPGP Internet standard as 36 described in RFC2440 and the S/MIME standard as described by several RFCs. 37 GnuPG 2 is the stable version of GnuPG integrating support for OpenPGP and 38 S/MIME.</para> 32 <para> 33 The <application>GnuPG</application> package is GNU's tool for secure 34 communication and data storage. It can be used to encrypt data and to 35 create digital signatures. It includes an advanced key management 36 facility and is compliant with the proposed OpenPGP Internet standard 37 as described in RFC2440 and the S/MIME standard as described by several 38 RFCs. GnuPG 2 is the stable version of GnuPG integrating support for 39 OpenPGP and S/MIME. 40 </para> 39 41 40 42 &lfs75_checked; … … 43 45 <itemizedlist spacing="compact"> 44 46 <listitem> 45 <para>Download (HTTP): <ulink url="&gnupg2-download-http;"/></para> 46 </listitem> 47 <listitem> 48 <para>Download (FTP): <ulink url="&gnupg2-download-ftp;"/></para> 49 </listitem> 50 <listitem> 51 <para>Download MD5 sum: &gnupg2-md5sum;</para> 52 </listitem> 53 <listitem> 54 <para>Download size: &gnupg2-size;</para> 55 </listitem> 56 <listitem> 57 <para>Estimated disk space required: &gnupg2-buildsize;</para> 58 </listitem> 59 <listitem> 60 <para>Estimated build time: &gnupg2-time;</para> 47 <para> 48 Download (HTTP): <ulink url="&gnupg2-download-http;"/> 49 </para> 50 </listitem> 51 <listitem> 52 <para> 53 Download (FTP): <ulink url="&gnupg2-download-ftp;"/> 54 </para> 55 </listitem> 56 <listitem> 57 <para> 58 Download MD5 sum: &gnupg2-md5sum; 59 </para> 60 </listitem> 61 <listitem> 62 <para> 63 Download size: &gnupg2-size; 64 </para> 65 </listitem> 66 <listitem> 67 <para> 68 Estimated disk space required: &gnupg2-buildsize; 69 </para> 70 </listitem> 71 <listitem> 72 <para> 73 Estimated build time: &gnupg2-time; 74 </para> 61 75 </listitem> 62 76 </itemizedlist> 63 77 64 <bridgehead renderas="sect3">Additional Downloads</bridgehead> 65 <itemizedlist spacing="compact"> 66 <listitem> 67 <para> 68 Required patch: 69 <ulink url="&patch-root;/gnupg-&gnupg2-version;-import_filter_and_add_kbnode_t-1.patch"/> 70 </para> 71 </listitem> 72 </itemizedlist> 73 74 <bridgehead renderas="sect3">GnuPG 2 Dependencies</bridgehead> 78 <bridgehead renderas="sect3">GnuPG Dependencies</bridgehead> 75 79 76 80 <bridgehead renderas="sect4">Required</bridgehead> 77 <para role="required"><xref linkend="pth"/>, 78 <xref linkend="libassuan"/>, 79 <xref linkend="libgcrypt"/>, and 80 <xref linkend="libksba"/></para> 81 <para role="required"> 82 <xref linkend="libassuan"/>, 83 <xref linkend="libgcrypt"/>, 84 <xref linkend="libksba"/> and 85 <xref linkend="pth"/> 86 </para> 81 87 82 88 <bridgehead renderas="sect4">Recommended</bridgehead> 83 <para role="recommended"><xref linkend="pinentry"/> (Run-time requirement for most of 84 the package's functionality)</para> 89 <para role="recommended"> 90 <xref linkend="pinentry"/> (Run-time requirement for 91 most of the package's functionality) 92 </para> 85 93 86 94 <bridgehead renderas="sect4">Optional</bridgehead> 87 <para role="optional"><xref linkend="openldap"/>, 88 <xref linkend="libusb-compat"/>, 89 <xref linkend="curl"/>, 90 <ulink url="http://www.chiark.greenend.org.uk/~ian/adns/">GNU 91 adns</ulink>, and an 92 <xref linkend="server-mail"/></para> 95 <para role="optional"> 96 <xref linkend="curl"/>, 97 <ulink url="http://www.chiark.greenend.org.uk/~ian/adns/">GNU 98 ADNS</ulink>, 99 <xref linkend="libusb-compat"/>, 100 an <xref linkend="server-mail"/> and 101 <xref linkend="openldap"/> 102 </para> 93 103 94 104 <para condition="html" role="usernotes">User Notes: 95 <ulink url="&blfs-wiki;/gnupg2"/></para>96 105 <ulink url="&blfs-wiki;/gnupg2"/> 106 </para> 97 107 </sect2> 98 108 … … 100 110 <title>Installation of GnuPG</title> 101 111 102 <para>Install <application>GnuPG</application> by running the following 103 commands:</para> 104 105 <screen><userinput>patch -Np1 -i ../gnupg-&gnupg2-version;-import_filter_and_add_kbnode_t-1.patch && 106 ./configure --prefix=/usr \ 112 <para> 113 Install <application>GnuPG</application> by running the following 114 commands: 115 </para> 116 117 <screen><userinput>./configure --prefix=/usr \ 118 --sysconfdir=/etc \ 107 119 --enable-symcryptrun \ 108 120 --docdir=/usr/share/doc/gnupg-&gnupg2-version; && … … 112 124 makeinfo --plaintext -o doc/gnupg.txt doc/gnupg.texi</userinput></screen> 113 125 114 <para>If you have <xref linkend="texlive"/> 115 installed and you wish to create documentation in alternate formats, 116 issue the following commands:</para> 126 <para> 127 If you have <xref linkend="texlive"/> installed and you wish 128 to create documentation in alternate formats, issue the 129 following commands: 130 </para> 117 131 118 132 <screen><userinput>make -C doc pdf ps html</userinput></screen> 119 133 120 <para>To test the results, issue: <command>make check</command>.</para> 121 122 <para>Note that if you have already installed 123 <application>GnuPG</application>, the instructions below will overwrite 124 <filename>/usr/share/man/man1/gpg-zip.1</filename>. Now, as the 125 <systemitem class="username">root</systemitem> user:</para> 134 <para> 135 To test the results, issue: <command>make check</command>. 136 </para> 137 138 <para> 139 Now, as the <systemitem class="username">root</systemitem> user: 140 </para> 126 141 127 142 <screen role="root"><userinput>make install && 128 ln -sv gpg2 /usr/bin/gpg && 129 ln -sv gpgv2 /usr/bin/gpgv && 130 131 install -v -m755 -d /usr/share/doc/gnupg-&gnupg2-version;/html && 132 install -v -m644 doc/gnupg_nochunks.html \ 133 /usr/share/doc/gnupg-&gnupg2-version;/gnupg.html && 134 install -v -m644 doc/*.texi doc/gnupg.txt \ 135 /usr/share/doc/gnupg-&gnupg2-version;</userinput></screen> 136 137 <para>If you created alternate formats of the documentation, install it 138 using the following command as the 139 <systemitem class="username">root</systemitem> user:</para> 143 144 for f in gpg gpgv ; do 145 ln -sfv ${f}2 /usr/bin/${f} && 146 ln -sfv ${f}2.1 /usr/share/man/man1/${f}.1 147 done && 148 149 install -v -dm755 /usr/share/doc/gnupg-&gnupg2-version;/html && 150 install -v -m644 doc/gnupg_nochunks.html \ 151 /usr/share/doc/gnupg-&gnupg2-version;/gnupg.html && 152 install -v -m644 doc/*.texi doc/gnupg.txt \ 153 /usr/share/doc/gnupg-&gnupg2-version;</userinput></screen> 154 155 <para> 156 If you created alternate formats of the documentation, install 157 it using the following command as the 158 <systemitem class="username">root</systemitem> user: 159 </para> 140 160 141 161 <screen role="root"><userinput>install -v -m644 doc/gnupg.html/* \ … … 149 169 <title>Command Explanations</title> 150 170 151 <para><command>ln -sv gpg...</command>: Symlinks for compatibility with the 152 first version of <application>GnuPG</application>.</para> 153 154 <para><parameter>--docdir=/usr/share/doc/gnupg-&gnupg2-version;</parameter>: 155 This switch changes the default docdir to <filename 156 class="directory">/usr/share/doc/gnupg-&gnupg2-version;</filename>.</para> 157 158 <para><parameter>--enable-symcryptrun</parameter>: This switch enables 159 building the symcryptrun program.</para> 160 161 <para><option>--libexecdir=/usr/lib/gnupg2</option>: This option 162 creates a <filename class="directory">gnupg</filename> directory in 163 <filename class="directory">/usr/lib</filename> instead of 164 <filename class="directory">/usr/libexec</filename> in accordance 165 with the old version of the FHS used before LFS-7.5.</para> 171 <para> 172 <parameter>--enable-symcryptrun</parameter>: This switch enables 173 building the symcryptrun program. 174 </para> 175 176 <para> 177 <command>ln -sfv ...</command>: This command creates symlinks for 178 compatibility with the first version of 179 <application>GnuPG</application>. 180 </para> 166 181 167 182 </sect2> … … 176 191 177 192 <seglistitem> 178 <seg>gpg (symlink), gpg2, gpg-agent, gnupg-pcsc-wrapper, gpg2keys_curl, 179 gpg2keys_finger, addgnupghome, gpgconf, gpg-connect-agent, gpgkey2ssh, 180 gpg2keys_hkp, gpg2keys_ldap, gpg-check-pattern, applygnupgdefaults, 181 gpgparsemail, gpgsm, gpgsm-gencert.sh, gpg-preset-passphrase, 182 gpg-protect-tool, scdaemon, gpgv (symlink), gpgv2, kbxutil, 183 symcryptrun, and watchgnupg</seg> 184 <seg>None</seg> 185 <seg>/usr/share/doc/gnupg-&gnupg2-version; and 186 /usr/share/gnupg</seg> 193 <seg> 194 addgnupghome, applygnupgdefaults, gpg, gpg2, gpg-agent, 195 gpgconf, gpg-connect-agent, gpgkey2ssh, gpgparsemail, 196 gpgsm, gpgsm-gencert.sh, gpgtar, gpgv, gpgv2, kbxutil, 197 symcryptrun and watchgnupg 198 </seg> 199 <seg> 200 None 201 </seg> 202 <seg> 203 /usr/share/doc/gnupg-&gnupg2-version; and 204 /usr/share/gnupg 205 </seg> 187 206 </seglistitem> 188 207 </segmentedlist> … … 196 215 <term><command>addgnupghome</command></term> 197 216 <listitem> 198 <para>is used to create and populate user's 199 <filename class='directory'>~/.gnupg</filename> directories</para> 217 <para> 218 is used to create and populate user's 219 <filename class="directory">~/.gnupg</filename> directories. 220 </para> 200 221 <indexterm zone="gnupg2 addgnupghome"> 201 222 <primary sortas="b-addgnupghome">addgnupghome</primary> … … 207 228 <term><command>applygnupgdefaults</command></term> 208 229 <listitem> 209 <para>is a wrapper script used to run <command>gpgconf</command> 210 with the <parameter>--apply-defaults</parameter> parameter on all 211 user's GnuPG home directories.</para> 230 <para> 231 is a wrapper script used to run <command>gpgconf</command> 232 with the <parameter>--apply-defaults</parameter> parameter 233 on all user's GnuPG home directories. 234 </para> 212 235 <indexterm zone="gnupg2 applygnupgdefaults"> 213 236 <primary sortas="b-applygnupgdefaults">applygnupgdefaults</primary> … … 219 242 <term><command>gpg-agent</command></term> 220 243 <listitem> 221 <para>is a daemon used to manage secret (private) keys independently 222 from any protocol. It is used as a backend for <command>gpg</command> 223 and <command>gpgsm</command> as well as for a couple of other 224 utilities.</para> 244 <para> 245 is a daemon used to manage secret (private) keys independently 246 from any protocol. It is used as a backend for 247 <command>gpg</command> and <command>gpgsm</command> as well as 248 for a couple of other utilities. 249 </para> 225 250 <indexterm zone="gnupg2 gpg-agent"> 226 251 <primary sortas="b-gpg-agent">gpg-agent</primary> … … 232 257 <term><command>gpg-connect-agent</command></term> 233 258 <listitem> 234 <para>is a utility used to communicate with a running 235 <command>gpg-agent</command>.</para> 259 <para> 260 is a utility used to communicate with a running 261 <command>gpg-agent</command>. 262 </para> 236 263 <indexterm zone="gnupg2 gpg-connect-agent"> 237 264 <primary sortas="b-gpg-connect-agent">gpg-connect-agent</primary> … … 243 270 <term><command>gpg2</command></term> 244 271 <listitem> 245 <para>is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a 246 tool used to provide digital encryption and signing services using 247 the OpenPGP standard.</para> 272 <para> 273 is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a 274 tool used to provide digital encryption and signing services 275 using the OpenPGP standard. 276 </para> 248 277 <indexterm zone="gnupg2 gpg2"> 249 278 <primary sortas="b-gpg2">gpg2</primary> … … 255 284 <term><command>gpgconf</command></term> 256 285 <listitem> 257 <para>is a utility used to automatically and reasonable safely 258 query and modify configuration files in the 259 <filename class='directory'>~/.gnupg</filename> home directory. It is 260 designed not to be invoked manually by the user, but automatically by 261 graphical user interfaces.</para> 286 <para> 287 is a utility used to automatically and reasonable safely 288 query and modify configuration files in the 289 <filename class="directory">~/.gnupg</filename> home 290 directory. It is designed not to be invoked manually by 291 the user, but automatically by graphical user interfaces. 292 </para> 262 293 <indexterm zone="gnupg2 gpgconf"> 263 294 <primary sortas="b-gpgconf">gpgconf</primary> … … 269 300 <term><command>gpgparsemail</command></term> 270 301 <listitem> 271 <para>is a utility currently only useful for debugging. Run it with 272 <parameter>--help</parameter> for usage information.</para> 302 <para> 303 is a utility currently only useful for debugging. Run it with 304 <parameter>--help</parameter> for usage information. 305 </para> 273 306 <indexterm zone="gnupg2 gpgparsemail"> 274 307 <primary sortas="b-gpgparsemail">gpgparsemail</primary> … … 280 313 <term><command>gpgsm</command></term> 281 314 <listitem> 282 <para>is a tool similar to <command>gpg</command> used to provide 283 digital encryption and signing services on X.509 certificates and the 284 CMS protocol. It is mainly used as a backend for S/MIME mail 285 processing.</para> 315 <para> 316 is a tool similar to <command>gpg</command> used to provide digital 317 encryption and signing services on X.509 certificates and the CMS 318 protocol. It is mainly used as a backend for S/MIME mail processing. 319 </para> 286 320 <indexterm zone="gnupg2 gpgsm"> 287 321 <primary sortas="b-gpgsm">gpgsm</primary> … … 293 327 <term><command>gpgsm-gencert.sh</command></term> 294 328 <listitem> 295 <para>is a simple tool used to interactively generate a certificate 296 request which will be printed to stdout.</para> 329 <para> 330 is a simple tool used to interactively generate a certificate 331 request which will be printed to stdout. 332 </para> 297 333 <indexterm zone="gnupg2 gpgsm-gencert.sh"> 298 334 <primary sortas="b-gpgsm-gencert.sh">gpgsm-gencert.sh</primary> … … 304 340 <term><command>gpgv2</command></term> 305 341 <listitem> 306 <para>is a verify only version of <command>gpg2</command>.</para> 342 <para> 343 is a verify only version of <command>gpg2</command>. 344 </para> 307 345 <indexterm zone="gnupg2 gpgv2"> 308 346 <primary sortas="b-gpgv2">gpgv2</primary> … … 314 352 <term><command>kbxutil</command></term> 315 353 <listitem> 316 <para>is used to list, export and import Keybox data.</para> 354 <para> 355 is used to list, export and import Keybox data. 356 </para> 317 357 <indexterm zone="gnupg2 kbxutil"> 318 358 <primary sortas="b-kbxutil">kbxutil</primary> … … 321 361 </varlistentry> 322 362 323 <varlistentry id="scdaemon">324 <term><command>scdaemon</command></term>325 <listitem>326 <para>is a daemon used to manage smartcards. It is usually invoked by327 <command>gpg-agent</command> and in general not used directly.</para>328 <indexterm zone="gnupg2 scdaemon">329 <primary sortas="b-scdaemon">scdaemon</primary>330 </indexterm>331 </listitem>332 </varlistentry>333 334 363 <varlistentry id="symcryptrun"> 335 364 <term><command>symcryptrun</command></term> 336 365 <listitem> 337 <para>is a simple symmetric encryption tool.</para> 366 <para> 367 is a simple symmetric encryption tool. 368 </para> 338 369 <indexterm zone="gnupg2 symcryptrun"> 339 370 <primary sortas="b-symcryptrun">symcryptrun</primary> … … 345 376 <term><command>watchgnupg</command></term> 346 377 <listitem> 347 <para>is used to listen to a Unix Domain socket created by any of 348 the GnuPG tools.</para> 378 <para> 379 is used to listen to a Unix Domain socket created by any of 380 the GnuPG tools. 381 </para> 349 382 <indexterm zone="gnupg2 watchgnupg"> 350 383 <primary sortas="b-watchgnupg">watchgnupg</primary>
Note:
See TracChangeset
for help on using the changeset viewer.