[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#823107: linux: make deb-pkg fails: No rule to make target 'debian/certs/benh@debian.org.cert.pem')



Control: reopen -1
Control: retitle -1 local{mod,yes}config should fix references to unavailable certificates
Control: tag -1 upstream

On Sat, 2016-04-30 at 23:24 +0200, Santiago Vila wrote:
> On Sat, Apr 30, 2016 at 08:51:25PM +0000, Debian Bug Tracking System wrote:
> 
> > 
> > You wrote:
> > [...]
> > > 
> > > Should I remove CONFIG_SYSTEM_TRUSTED_KEYS from .config before building
> > > the kernel? I hope not.
> > [...]
> > 
> > Yes, you must do that.  Your custom kernel configuration should be
> > based on the appropriate file provided in linux-source-4.5.  These have
> > the CONFIG_MODULE_SIG_ALL, CONFIG_MODULE_SIG_KEY and
> > CONFIG_SYSTEM_TRUSTED_KEYS settings removed so that custom kernels will
> > get modules signed by a one-time key.
> If I have to remove CONFIG_SYSTEM_TRUSTED_KEYS by hand, then
> documentation is wrong.
[...]

Oh, I see the problem.  I didn't realise that the local{mod,yes}config
rules would (a) copy the config file from /boot or (b) keep the keyring
config symbols unchanged.

Ben.

-- 
Ben Hutchings
Tomorrow will be cancelled due to lack of interest.

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: