The key folder is used by `opkg` and `usign` to store and retrieve
trusted public keys. Using `opkg-key` outside a running device is
unfeasible as the key folder is hard coded to `/etc/opkg/keys`.
This commit adds a variable OPKG_KEYS which defaults to `/etc/opkg/keys`
if unset, however allows set arbitrary key folder locations.
Arbitrary key folder locations are useful to add signature verification
to the ImageBuilders.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Split the opkg.conf into three files, to make it easier to support custom
feeds and configs:
* /etc/opkg.conf -> base opkg configuration
* /etc/opkg/distfeeds.conf -> default Openwrt package feeds
* /etc/opkg/customfeeds.conf -> custom package feeds
Of these three, only the base opkg.conf and the customfeeds.conf is marked
as to be kept, so that the distfeeds.conf from the image is always used.
To ease migration, a script is added that moves any feeds from /etc/opkg.conf
to /etc/opkg/customfeeds.conf on first boot.
Also ensure that any keys used for verification are also kept in upgrade.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46491
This changeset implements a new menuconfig option to generate separate
repositories for each enabled package feed instead of one monolithic one.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 42002
Add package signing key and certificate configuration options to the
"Image configuration" submenu. If enabled, the Packages.gz list will
be signed as file Packages.sig. The passphrase for the signing key can
be sourced from a file or entered by the user. The signing certificate
is automatically added to the firmware image if opkg-smime is selected.
Signed-off-by: Evan Hunt <each@isc.org>
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 38284
