* [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool
@ 2017-03-20 11:36 Enrico Jorns
2017-03-20 11:36 ` [ptxdist] [PATCH 1/3] rauc: new package Enrico Jorns
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Enrico Jorns @ 2017-03-20 11:36 UTC (permalink / raw)
To: ptxdist; +Cc: Enrico Jorns, jlu
These patches add recipes for building the RAUC update tool as well as a recipe
for creating basic update Bundles using RAUC and genimage.
Enrico Jorns (3):
rauc: new package
image-rauc: new package
scripts: add script that generates test certificates for RAUC
config/images/rauc.config | 17 +++
platforms/image-rauc.in | 28 +++++
projectroot/etc/rauc/ca.cert.pem | 7 ++
projectroot/etc/rauc/system.conf | 36 ++++++
.../lib/systemd/system/rauc-mark-good.service | 10 ++
rules/host-rauc.in | 8 ++
rules/host-rauc.make | 32 ++++++
rules/image-rauc.make | 69 +++++++++++
rules/rauc.in | 34 ++++++
rules/rauc.make | 90 +++++++++++++++
scripts/rauc-gen-test-certs.sh | 128 +++++++++++++++++++++
11 files changed, 459 insertions(+)
create mode 100644 config/images/rauc.config
create mode 100644 platforms/image-rauc.in
create mode 100644 projectroot/etc/rauc/ca.cert.pem
create mode 100644 projectroot/etc/rauc/system.conf
create mode 100644 projectroot/lib/systemd/system/rauc-mark-good.service
create mode 100644 rules/host-rauc.in
create mode 100644 rules/host-rauc.make
create mode 100644 rules/image-rauc.make
create mode 100644 rules/rauc.in
create mode 100644 rules/rauc.make
create mode 100755 scripts/rauc-gen-test-certs.sh
--
2.11.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 6+ messages in thread* [ptxdist] [PATCH 1/3] rauc: new package 2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns @ 2017-03-20 11:36 ` Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 2/3] image-rauc: " Enrico Jorns ` (2 subsequent siblings) 3 siblings, 0 replies; 6+ messages in thread From: Enrico Jorns @ 2017-03-20 11:36 UTC (permalink / raw) To: ptxdist; +Cc: Enrico Jorns, jlu This adds recipes for building the RAUC update tool both as a host tool as well as a target update tool and service. When using systemd, the package will install a rauc.service that allows to start RAUC, by default RAUC does not start automatically but uses D-Bus activation when invoked by your application or by the command line tool ./rauc. You will also get a rauc-mark-good.service in your rootfs by default that is wanted by multi-user.taget and is used to notify the underlying bootloader implementation about having booted successfully in userspace. You can also make it depend on your application services being started. For integrating RAUC with your platform, you need to have a system description file /etc/rauc/system.conf in your platforms projectroot/ dir. This defines all relevant slots and provides information and configuration RAUC requires to properly handle the platform it is running on. You also have to place a valid keyring file into you platforms projectroot/ as /etc/rauc/ca.cert.pem to allow RAUC verifying update Bundles before installing them. There are dummy files installed by default for ca.cert.pem and system.conf which only contain hints on how to set up correct project-specific ones. The additional good-marking-service installed by the recipe runs after user space is brought up and notifies the underlying bootloader implementation about a successful boot of the system. This is typically used in conjunction with a boot attempts counter in the bootloader that is decremented before starting the systemd and reset by `rauc status mark-good` to indicate a successfully system startup. Signed-off-by: Enrico Jorns <ejo@pengutronix.de> --- projectroot/etc/rauc/ca.cert.pem | 7 ++ projectroot/etc/rauc/system.conf | 36 +++++++++ .../lib/systemd/system/rauc-mark-good.service | 10 +++ rules/host-rauc.in | 8 ++ rules/host-rauc.make | 32 ++++++++ rules/rauc.in | 34 ++++++++ rules/rauc.make | 90 ++++++++++++++++++++++ 7 files changed, 217 insertions(+) create mode 100644 projectroot/etc/rauc/ca.cert.pem create mode 100644 projectroot/etc/rauc/system.conf create mode 100644 projectroot/lib/systemd/system/rauc-mark-good.service create mode 100644 rules/host-rauc.in create mode 100644 rules/host-rauc.make create mode 100644 rules/rauc.in create mode 100644 rules/rauc.make diff --git a/projectroot/etc/rauc/ca.cert.pem b/projectroot/etc/rauc/ca.cert.pem new file mode 100644 index 000000000..be1aa7c30 --- /dev/null +++ b/projectroot/etc/rauc/ca.cert.pem @@ -0,0 +1,7 @@ +# This is a dummy keyring file. Please overwrite this with one that matches +# your X.509 infrastructure if you intend to use RAUC for secure updates! +# +# If you really do not intend to actively use the security features (or for +# testing purpose) you may create a development certificate by executing the +# script `rauc-gen-test-certs.sh` from the `scripts` folder in your PTXdist +# installation. diff --git a/projectroot/etc/rauc/system.conf b/projectroot/etc/rauc/system.conf new file mode 100644 index 000000000..2881ab2f8 --- /dev/null +++ b/projectroot/etc/rauc/system.conf @@ -0,0 +1,36 @@ +## This is an example RAUC system configuration. This file will be installed +## into /etc/rauc/system.conf on your target and describes your system from the +## perspective of the RAUC update service. +## +## If you find this file in your build rootfs, your have not set up a +## system.conf for your platform, yet. +## Create one according to this dummy template from +## `projectroot/etc/rauc/system.conf` in your PTXdist installation and place it +## in the platform directory of you project under +## `projectroot/etc/rauc/system.conf`. +## +## --- +## +# [system] +# compatible=@RAUC_BUNDLE_COMPATIBLE@ +# bootloader=<barebox|uboot|grub> +# +# [slot.rootfs.0] +# device=/dev/mmcblkXp1 +# type=ext4 +# bootname=system0 +# +# [slot.rootfs.1] +# device=/dev/mmcblkXp2 +# type=ext4 +# bootname=system1 +# +# [slot.appfs.0] +# device=/dev/mmcblkXp3 +# type=ext4 +# parent=rootfs.0 +# +# [slot.appfs.1] +# device=/dev/mmcblkXp4 +# type=ext4 +# parent=rootfs.1 diff --git a/projectroot/lib/systemd/system/rauc-mark-good.service b/projectroot/lib/systemd/system/rauc-mark-good.service new file mode 100644 index 000000000..af4daab9f --- /dev/null +++ b/projectroot/lib/systemd/system/rauc-mark-good.service @@ -0,0 +1,10 @@ +[Unit] +Description=RAUC Good-marking Service +ConditionKernelCommandLine=|bootchooser.active +ConditionKernelCommandLine=|rauc.slot + +[Service] +ExecStart=/usr/bin/rauc status mark-good + +[Install] +WantedBy=multi-user.target diff --git a/rules/host-rauc.in b/rules/host-rauc.in new file mode 100644 index 000000000..0e02743c7 --- /dev/null +++ b/rules/host-rauc.in @@ -0,0 +1,8 @@ +## SECTION=hosttools_noprompt +## SECTION=hosttools_platform + +config HOST_RAUC + tristate + select HOST_GLIB + select HOST_OPENSSL + select HOST_SQUASHFS_TOOLS diff --git a/rules/host-rauc.make b/rules/host-rauc.make new file mode 100644 index 000000000..4345ae8f5 --- /dev/null +++ b/rules/host-rauc.make @@ -0,0 +1,32 @@ +# -*-makefile-*- +# +# Copyright (C) 2015 by Michael Grzeschik <mgr@pengutronix.de> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +HOST_PACKAGES-$(PTXCONF_HOST_RAUC) += host-rauc + +# ---------------------------------------------------------------------------- +# Prepare +# ---------------------------------------------------------------------------- + +# +# autoconf +# +HOST_RAUC_CONF_TOOL := autoconf +HOST_RAUC_CONF_OPT := \ + $(HOST_AUTOCONF) \ + --disable-code-coverage \ + --disable-valgrind \ + --disable-service \ + --disable-network \ + --disable-json + +# vim: syntax=make diff --git a/rules/rauc.in b/rules/rauc.in new file mode 100644 index 000000000..263a67bf1 --- /dev/null +++ b/rules/rauc.in @@ -0,0 +1,34 @@ +## SECTION=applications + +menuconfig RAUC + tristate + prompt "Rauc Update Tool " + select OPENSSL + select GLIB + select LIBCURL if RAUC_NETWORK + select JSON_GLIB if RAUC_JSON + help + Robust Auto-Update Controller. RAUC controls the update process on embedded linux systems. + +if RAUC + +config RAUC_NETWORK + bool + prompt "network support" + +config RAUC_JSON + bool + prompt "JSON support" + +config RAUC_COMPATIBLE + prompt "RAUC Compatible" + string + default "${PTXCONF_PROJECT_VENDOR}\ ${PTXCONF_PROJECT}" + help + An explicit identification string that RAUC uses to assure an update + bundle matches with the correct root filesystem on the target. + + Only if the compatible in the targets RAUC system.conf file and those + in the Bundle's manifest match exactly, an update will be performed + +endif diff --git a/rules/rauc.make b/rules/rauc.make new file mode 100644 index 000000000..ba7152bbd --- /dev/null +++ b/rules/rauc.make @@ -0,0 +1,90 @@ +# -*-makefile-*- +# +# Copyright (C) 2015 by Enrico Joerns <e.joerns@pengutronix.de> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +PACKAGES-$(PTXCONF_RAUC) += rauc + +# +# Paths and names +# +RAUC_VERSION := v0.1 +RAUC_MD5 := 33c6f45b71f9b9c082fa852c3d5915d9 +RAUC := rauc-$(RAUC_VERSION) +RAUC_SUFFIX := tar.xz +RAUC_URL := https://github.com/rauc/rauc/releases/download/v0.1/rauc-0.1.tar.xz +RAUC_SOURCE := $(SRCDIR)/$(RAUC).$(RAUC_SUFFIX) +RAUC_DIR := $(BUILDDIR)/$(RAUC) +RAUC_LICENSE := LGPL-2.1 + +# ---------------------------------------------------------------------------- +# Prepare +# ---------------------------------------------------------------------------- + +#RAUC_CONF_ENV := $(CROSS_ENV) + +# +# autoconf +# +RAUC_CONF_TOOL := autoconf +RAUC_CONF_OPT := \ + $(CROSS_AUTOCONF_USR) \ + --enable-debug=info \ + $(GLOBAL_LARGE_FILE_OPTION) \ + --disable-code-coverage \ + --disable-valgrind \ + --enable-service \ + --$(call ptx/endis,PTXCONF_RAUC_NETWORK)-network \ + --$(call ptx/endis,PTXCONF_RAUC_JSON)-json \ + --with-systemdunitdir=/lib/systemd/system \ + --with-dbuspolicydir=/usr/share/dbus-1/system.d \ + --with-dbussystemservicedir=/usr/share/dbus-1/system-services + +# ---------------------------------------------------------------------------- +# Target-Install +# ---------------------------------------------------------------------------- + +$(STATEDIR)/rauc.targetinstall: + @$(call targetinfo) + + @$(call install_init, rauc) + @$(call install_fixup, rauc,PRIORITY,optional) + @$(call install_fixup, rauc,SECTION,base) + @$(call install_fixup, rauc,AUTHOR,"Enrico Joerns <e.joerns@pengutronix.de>") + @$(call install_fixup, rauc,DESCRIPTION,missing) + + @$(call install_copy, rauc, 0, 0, 0755, -, /usr/bin/rauc) + @$(call install_alternative, rauc, 0, 0, 0644, /etc/rauc/system.conf) + @$(call install_replace, rauc, /etc/rauc/system.conf, \ + @RAUC_BUNDLE_COMPATIBLE@, \ + $(PTXCONF_RAUC_COMPATIBLE)) + @$(call install_alternative, rauc, 0, 0, 0644, /etc/rauc/ca.cert.pem) + + @$(call install_copy, rauc, 0, 0, 0644, -, \ + /usr/share/dbus-1/system-services/de.pengutronix.rauc.service) + @$(call install_copy, rauc, 0, 0, 0644, -, \ + /usr/share/dbus-1/system.d/de.pengutronix.rauc.conf) + +ifdef PTXCONF_INITMETHOD_SYSTEMD + @$(call install_alternative, rauc, 0, 0, 0644, \ + /lib/systemd/system/rauc.service) + + @$(call install_alternative, rauc, 0, 0, 0644, \ + /lib/systemd/system/rauc-mark-good.service) + @$(call install_link, rauc, ../rauc-mark-good.service, \ + /lib/systemd/system/multi-user.target.wants/rauc-mark-good.service) +endif + + @$(call install_finish, rauc) + + @$(call touch) + +# vim: syntax=make -- 2.11.0 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 6+ messages in thread
* [ptxdist] [PATCH 2/3] image-rauc: new package 2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 1/3] rauc: new package Enrico Jorns @ 2017-03-20 11:36 ` Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 3/3] scripts: add script that generates test certificates for RAUC Enrico Jorns 2017-03-24 14:34 ` [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Michael Olbrich 3 siblings, 0 replies; 6+ messages in thread From: Enrico Jorns @ 2017-03-20 11:36 UTC (permalink / raw) To: ptxdist; +Cc: Enrico Jorns, jlu This adds a default image recipe for building a RAUC update Bundle out of the systems rootfs. In order to sign your update (mandatory) you need to place a valid certificate and key file in your BSP. Their location is default they are currently expected to be located at: $(PTXDIST_PLATFORMCONFIGDIR)/config/rauc/rauc.key.pem (key) $(PTXDIST_PLATFORMCONFIGDIR)/config/rauc/rauc.cert.pem (cert) PTXdist will then create the bundle during a run of `ptxdist images`. Signed-off-by: Enrico Jorns <ejo@pengutronix.de> --- config/images/rauc.config | 17 ++++++++++++ platforms/image-rauc.in | 28 +++++++++++++++++++ rules/image-rauc.make | 69 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 114 insertions(+) create mode 100644 config/images/rauc.config create mode 100644 platforms/image-rauc.in create mode 100644 rules/image-rauc.make diff --git a/config/images/rauc.config b/config/images/rauc.config new file mode 100644 index 000000000..fb43c7efb --- /dev/null +++ b/config/images/rauc.config @@ -0,0 +1,17 @@ +image update.raucb { + rauc { + file root.tar.gz { image = "root.tgz" } + manifest = " + [update] + compatible=@RAUC_BUNDLE_COMPATIBLE@ + version=@RAUC_BUNDLE_VERSION@ + build=@RAUC_BUNDLE_BUILD@ + description=@RAUC_BUNDLE_DESCRIPTION@ + + [image.rootfs] + filename=root.tar.gz + " + cert = "@RAUC_CERT@" + key = "@RAUC_KEY@" + } +} diff --git a/platforms/image-rauc.in b/platforms/image-rauc.in new file mode 100644 index 000000000..71c6898ba --- /dev/null +++ b/platforms/image-rauc.in @@ -0,0 +1,28 @@ +## SECTION=image2 + +menuconfig IMAGE_RAUC + tristate + prompt "Generate RAUC Update Bundle" + select HOST_GENIMAGE + select HOST_RAUC + select IMAGE_ROOT_TGZ + help + This generates a RAUC update Bundle for the selected platform using + genimage. + + By default, this will create a simple Bundle for updating a 'rootfs' + slot with the content from PTXdist's root file system .tgz image. + + To customize the bundle, copy and adapt the genimage configuration + file rauc.config. + +if IMAGE_RAUC + +config IMAGE_RAUC_DESCRIPTION + prompt "RAUC Bundle Description" + string + default "" + help + Optional description that will be placed in the Bundles metadata. + +endif diff --git a/rules/image-rauc.make b/rules/image-rauc.make new file mode 100644 index 000000000..5f34909de --- /dev/null +++ b/rules/image-rauc.make @@ -0,0 +1,69 @@ +# -*-makefile-*- +# +# Copyright (C) 2017 by Enrico Joerns <e.joerns@pengutronix.de> +# Copyright (C) 2016 by Michael Olbrich <m.olbrich@pengutronix.de> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +IMAGE_PACKAGES-$(PTXCONF_IMAGE_RAUC) += image-rauc + +# +# Paths and names +# +IMAGE_RAUC := image-rauc +IMAGE_RAUC_DIR := $(BUILDDIR)/$(IMAGE_RAUC) +IMAGE_RAUC_IMAGE := $(IMAGEDIR)/update.raucb +IMAGE_RAUC_CONFIG := rauc.config + +# ---------------------------------------------------------------------------- +# Image +# ---------------------------------------------------------------------------- + +IMAGE_RAUC_KEY = $(PTXDIST_PLATFORMCONFIGDIR)/config/rauc/rauc.key.pem +IMAGE_RAUC_CERT = $(PTXDIST_PLATFORMCONFIGDIR)/config/rauc/rauc.cert.pem + +IMAGE_RAUC_ENV := \ + RAUC_BUNDLE_COMPATIBLE=$(PTXCONF_RAUC_COMPATIBLE) \ + RAUC_BUNDLE_VERSION=$(PTXDIST_BSP_AUTOVERSION) \ + RAUC_BUNDLE_BUILD=$(shell date +%FT%T%z) \ + RAUC_BUNDLE_DESCRIPTION=$(PTXCONF_IMAGE_RAUC_DESCRIPTION) \ + RAUC_KEY=$(IMAGE_RAUC_KEY) \ + RAUC_CERT=$(IMAGE_RAUC_CERT) + +$(IMAGE_RAUC_IMAGE): $(IMAGE_RAUC_KEY) $(IMAGE_RAUC_CERT) + @$(call targetinfo) + @$(call image/genimage, IMAGE_RAUC) + @$(call finish) + +$(IMAGE_RAUC_KEY): + @echo + @echo "****************************************************************************" + @echo "******** Please place your signing key in config/rauc/rauc.key.pem. ********" + @echo "* *" + @echo "* Note: For test-purpose you can create one by running rauc-gen-certs.sh *" + @echo "* from the scripts/ folder of your PTXdist installation *" + @echo "****************************************************************************" + @echo + @echo + @exit 1 + +$(IMAGE_RAUC_CERT): + @echo + @echo "****************************************************************************" + @echo "**** Please place your signing certificate in config/rauc/rauc.cert.pem. ***" + @echo "* *" + @echo "* Note: For test-purpose you can create one by running rauc-gen-certs.sh *" + @echo "* from the scripts/ folder of your PTXdist installation *" + @echo "****************************************************************************" + @echo + @echo + @exit 1 + +# vim: syntax=make -- 2.11.0 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 6+ messages in thread
* [ptxdist] [PATCH 3/3] scripts: add script that generates test certificates for RAUC 2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 1/3] rauc: new package Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 2/3] image-rauc: " Enrico Jorns @ 2017-03-20 11:36 ` Enrico Jorns 2017-03-24 14:34 ` [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Michael Olbrich 3 siblings, 0 replies; 6+ messages in thread From: Enrico Jorns @ 2017-03-20 11:36 UTC (permalink / raw) To: ptxdist; +Cc: Enrico Jorns, jlu Signed-off-by: Enrico Jorns <ejo@pengutronix.de> --- scripts/rauc-gen-test-certs.sh | 128 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 128 insertions(+) create mode 100755 scripts/rauc-gen-test-certs.sh diff --git a/scripts/rauc-gen-test-certs.sh b/scripts/rauc-gen-test-certs.sh new file mode 100755 index 000000000..06f4d297b --- /dev/null +++ b/scripts/rauc-gen-test-certs.sh @@ -0,0 +1,128 @@ +#!/bin/bash +# +# Copyright (C) 2017 by Enrico Joerns <e.joerns@pengutronix.de> +# Copyright (C) 2016 by Jan Luebbe <j.luebbe@pengutronix.de> +# +# See CREDITS for details about who has contributed to this project. +# +# For further information about the PTXdist project and license conditions +# see the README file. +# +# --- +# +# Demo script that generates certificate files required to sign and verify +# RAUC update tool bundles. +# + +set -xe + +ORG="Test Org" +CA="rauc CA" + +# After the CRL expires, signatures cannot be verified anymore +CRL="-crldays 5000" + +BASE="$(pwd)/rauc-openssl-ca" + +if [ -e $BASE ]; then + echo "$BASE already exists" + exit 1 +fi + +mkdir -p $BASE/dev/{private,certs} +touch $BASE/dev/index.txt +echo 01 > $BASE/dev/serial + +cat > $BASE/openssl.cnf <<EOF +[ ca ] +default_ca = CA_default # The default ca section + +[ CA_default ] + +dir = . # top dir +database = \$dir/index.txt # index file. +new_certs_dir = \$dir/certs # new certs dir + +certificate = \$dir/ca.cert.pem # The CA cert +serial = \$dir/serial # serial no file +private_key = \$dir/private/ca.key.pem# CA private key +RANDFILE = \$dir/private/.rand # random number file + +default_startdate = 19700101000000Z +default_enddate = 99991231235959Z +default_crl_days= 30 # how long before next CRL +default_md = sha256 # md to use + +policy = policy_any # default policy +email_in_dn = no # Don't add the email into cert DN + +name_opt = ca_default # Subject name display option +cert_opt = ca_default # Certificate display option +copy_extensions = none # Don't copy extensions from request + +[ policy_any ] +organizationName = match +commonName = supplied + +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +x509_extensions = v3_leaf +encrypt_key = no +default_md = sha256 + +[ req_distinguished_name ] +commonName = Common Name (eg, YOUR name) +commonName_max = 64 + +[ v3_ca ] + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:TRUE + +[ v3_inter ] + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:TRUE,pathlen:0 + +[ v3_leaf ] + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:FALSE +EOF + +export OPENSSL_CONF=$BASE/openssl.cnf + +echo "Development CA" +cd $BASE/dev +openssl req -newkey rsa -keyout private/ca.key.pem -out ca.csr.pem -subj "/O=$ORG/CN=$ORG $CA Development" +openssl ca -batch -selfsign -extensions v3_ca -in ca.csr.pem -out ca.cert.pem -keyfile private/ca.key.pem + +echo "Development Signing Keys 1" +cd $BASE/dev +openssl req -newkey rsa -keyout private/rauc.key.pem -out rauc.csr.pem -subj "/O=$ORG/CN=$ORG Development-1" +openssl ca -batch -extensions v3_leaf -in rauc.csr.pem -out rauc.cert.pem + +cat << EOF +=============================================================================== + +Note that the default application should be to set up a public key +infrastructure at your site and use keys and certificates genereated by these. + +In oder to use the just generated files in your BSP for testing purpose or if +you do not intend to use real authentification, follow the instructions below. + +Place the key and certificate file in your platform-dir's config/ folder: + + cp rauc-openssl-ca/private/rauc.key.pem <platform-dir>/config/rauc/rauc.key.pem + cp rauc-openssl-ca/rauc.cert.pem <platform-dir>/config/rauc/rauc.cert.pem + +Place the keyring file in your platform-dir's projectroot/ folder: + + cp rauc-openssl-ca/ca.cert.pem <plaform-dir>/projectroot/etc/rauc/ca.cert.pem + +=============================================================================== +EOF -- 2.11.0 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool 2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns ` (2 preceding siblings ...) 2017-03-20 11:36 ` [ptxdist] [PATCH 3/3] scripts: add script that generates test certificates for RAUC Enrico Jorns @ 2017-03-24 14:34 ` Michael Olbrich 2017-03-24 19:00 ` Alexander Dahl 3 siblings, 1 reply; 6+ messages in thread From: Michael Olbrich @ 2017-03-24 14:34 UTC (permalink / raw) To: ptxdist On Mon, Mar 20, 2017 at 12:36:24PM +0100, Enrico Jorns wrote: > These patches add recipes for building the RAUC update tool as well as a recipe > for creating basic update Bundles using RAUC and genimage. > > Enrico Jorns (3): > rauc: new package > image-rauc: new package > scripts: add script that generates test certificates for RAUC Thanks, all applied. Michael > config/images/rauc.config | 17 +++ > platforms/image-rauc.in | 28 +++++ > projectroot/etc/rauc/ca.cert.pem | 7 ++ > projectroot/etc/rauc/system.conf | 36 ++++++ > .../lib/systemd/system/rauc-mark-good.service | 10 ++ > rules/host-rauc.in | 8 ++ > rules/host-rauc.make | 32 ++++++ > rules/image-rauc.make | 69 +++++++++++ > rules/rauc.in | 34 ++++++ > rules/rauc.make | 90 +++++++++++++++ > scripts/rauc-gen-test-certs.sh | 128 +++++++++++++++++++++ > 11 files changed, 459 insertions(+) > create mode 100644 config/images/rauc.config > create mode 100644 platforms/image-rauc.in > create mode 100644 projectroot/etc/rauc/ca.cert.pem > create mode 100644 projectroot/etc/rauc/system.conf > create mode 100644 projectroot/lib/systemd/system/rauc-mark-good.service > create mode 100644 rules/host-rauc.in > create mode 100644 rules/host-rauc.make > create mode 100644 rules/image-rauc.make > create mode 100644 rules/rauc.in > create mode 100644 rules/rauc.make > create mode 100755 scripts/rauc-gen-test-certs.sh > > -- > 2.11.0 > > > _______________________________________________ > ptxdist mailing list > ptxdist@pengutronix.de -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool 2017-03-24 14:34 ` [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Michael Olbrich @ 2017-03-24 19:00 ` Alexander Dahl 0 siblings, 0 replies; 6+ messages in thread From: Alexander Dahl @ 2017-03-24 19:00 UTC (permalink / raw) To: ptxdist [-- Attachment #1.1: Type: text/plain, Size: 860 bytes --] Hei hei, On Fri, Mar 24, 2017 at 03:34:55PM +0100, Michael Olbrich wrote: > On Mon, Mar 20, 2017 at 12:36:24PM +0100, Enrico Jorns wrote: > > These patches add recipes for building the RAUC update tool as well as a recipe > > for creating basic update Bundles using RAUC and genimage. > > > > Enrico Jorns (3): > > rauc: new package > > image-rauc: new package > > scripts: add script that generates test certificates for RAUC > > Thanks, all applied. Thanks to both of you, I very much appreciate the inclusion of RAUC into ptxdist. :-) Greets Alex -- »With the first link, the chain is forged. The first speech censured, the first thought forbidden, the first freedom denied, chains us all irrevocably.« (Jean-Luc Picard, quoting Judge Aaron Satie) *** GnuPG-FP: C28E E6B9 0263 95CF 8FAF 08FA 34AD CD00 7221 5CC6 *** [-- Attachment #1.2: Type: application/pgp-signature, Size: 819 bytes --] [-- Attachment #2: Type: text/plain, Size: 91 bytes --] _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-03-24 19:00 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 1/3] rauc: new package Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 2/3] image-rauc: " Enrico Jorns 2017-03-20 11:36 ` [ptxdist] [PATCH 3/3] scripts: add script that generates test certificates for RAUC Enrico Jorns 2017-03-24 14:34 ` [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Michael Olbrich 2017-03-24 19:00 ` Alexander Dahl
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox