Changeset a61cf51

Timestamp:

09/06/2012 11:18:54 PM (12 years ago)

Author:

Bruce Dubbs <bdubbs@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

79b6251f

Parents:

88a39b92

Message:

Add info on verifying MIT Kerberos signing key.
Update instructions for library mode.

Tag dejagnu for 7.2.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@10638 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:

• general/prog/dejagnu.xml (modified) (1 diff)
• postlfs/security/mitkrb.xml (modified) (2 diffs)

general/prog/dejagnu.xml

@@ -37 +37 @@
     permanently.</para>
 
-    &lfs71_checked;
+    &lfs72_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>

postlfs/security/mitkrb.xml

@@ -113 +113 @@
       After unpacking the distribution tarball and if you have
       <xref linkend="gnupg"/> installed, you can
-      authenticate the package with the following command:
-    </para>
-
-<screen><userinput>gpg - -verify krb5-&mitkrb-version;.tar.gz.asc</userinput></screen>
+      authenticate the package.  First, check the contents of the file
+      <filename>krb5-1.10.3.tar.gz.asc</filename>.
+    </para>
+
+<screen><userinput>gpg --verify krb5-&mitkrb-version;.tar.gz.asc krb5-&mitkrb-version;.tar.gz</userinput></screen>
+
+    <para>You will probably see output similar to:</para>
+
+<screen>gpg: Signature made Wed Aug  8 22:29:58 2012 GMT using RSA key ID F376813D
+gpg: Can't check signature: public key not found</screen>
+
+    <para>You can import the public key with:</para>
+
+<screen><userinput>gpg gpg --keyserver pgp.mit.edu --recv-keys 0xF376813D</userinput></screen>
+
+    <para>Now re-verify the package with the first command above.  You should 
+    get a indication of a good signature, but the key will still not be certified 
+    with a trusted signature.  Trusting the downloaded key is a separate operation
+    but it is up to you to determine the level of trust.</para>
 
     <para>
@@ -144 +159 @@
 <screen role="root"><userinput>make install &amp;&amp;
 
-for LIBRARY in gssapi_krb5 gssrpc k5crypto kadm5clnt_mit \
-               kadm5clnt kadm5srv_mit kadm5srv kdb5 krb5 \
-               krb5support verto-k5ev verto ; do
+for LIBRARY in gssapi_krb5 gssrpc k5crypto kadm5clnt_mit kadm5srv_mit 
+               kdb5 krb5 krb5support verto-k5ev verto ; do
     chmod -v 755 /usr/lib/lib$LIBRARY.so.*.*
 done &amp;&amp;