Difference between revisions of "BCCD:Packages"

From Earlham CS Department
Jump to navigation Jump to search
(From the BCCD CVS tree)
Line 84: Line 84:
  
 
==Generating a GPG Key to Sign Packages==
 
==Generating a GPG Key to Sign Packages==
 +
This has already been done in the root account on hopper.  As of May 17, 2006 we will all use this key to sign packages.
 
===Generating the Key===
 
===Generating the Key===
 
'''Quick Guide.'''  For the far more detailed instructions from which these commands have been extracted, see [http://www.nmlug.org/faqs/gen-gpg-key.html How to Generate a GPG key].
 
'''Quick Guide.'''  For the far more detailed instructions from which these commands have been extracted, see [http://www.nmlug.org/faqs/gen-gpg-key.html How to Generate a GPG key].

Revision as of 11:12, 17 May 2006

Building a Package and Adding it to the Repository

The BCCD has a set of downloadable packages, available via the list-packages command (as root) on a running copy of the BCCD. The instructions that follow explain the process of adding a package to the repository that list-packages uses. The BCCD package system simply unpacks the specified tarball in /usr/local, so a "package" can contain anything from a set of binaries to a collection of documentation files in text, html, or some other format (e.g., a curriculum module).

From the BCCD CVS tree

  • Obtain a copy of the BCCD source from bccd.cs.uni.edu (contact Paul Gray for access), then
  • See the instructions for adding a package at http://lnxbbc.org/garchitecture.html
  • After setting up the new package, run make tarball and copy the resulting file to its own directory in /cluster/bccd-packages/ppc/2.2 on hopper

On a running BCCD

These instructions assume that you start as root in ~, on a running copy of the BCCD.

  • Build the source:
tar xzf somesource-*.tar.gz
cd somesource-*
./configure --prefix=/usr/local
make
  • Install the binaries in /usr/local, but archive its current contents first so they don't get packaged up too:
mkdir ~/local
mv /usr/local/* ~/local
make install
  • Package up /usr/local, clean up, and move the old contents of /usr/local back where they belong:
cd /usr/local
tar czf ~/somepkg.tar.gz .
rm -rf /usr/local/*
mv ~/local/* /usr/local
cd
gpg --detach somepkg.tar.gz
gpg --verify somepkg.tar.gz.sig # does this do what I think it does?
  • Create the package directory on bccd.cs.uni.edu for x86 or cluster.earlham.edu for PPC, upload the package and signature, and add the package to packages.txt:
#for x86
ssh bccd.cs.uni.edu mkdir /var/www/packages/i386/2.2/somepkg
scp somesource.tar.gz* bccd.cs.uni.edu:/var/www/packages/i386/2.2/somepkg
ssh bccd.cs.uni.edu echo "somepkg	some package description" >> /var/www/packages/i386/2.2/packages.txt

#for ppc
ssh cluster.earlham.edu mkdir /cluster/bccd-packages/ppc/2.2/somepkg
scp somesource.tar.gz* cluster.earlham.edu:/cluster/bccd-packages/ppc/2.2/somepkg
ssh cluster.earlham.edu echo "somepkg	some package description" >> /cluster/bccd-packages/ppc/2.2/packages.txt

(notice the tab between the package name and description on the last line)

Example: Building GROMACS

  • Setup your environment:
export LDFLAGS="-L/lib/gcc-lib/powerpc-lnxbbc-linux -L/usr/local/lib -L/mpich/lib"
export CPPFLAGS=-I/usr/local/include
export LD_LIBRARY_PATH=/lib/gcc-lib/powerpc-lnxbbc-linux/:/mpich/lib
export PATH=$PATH:/mpich/bin
  • Fix BCCD lib bug (necessary as of 6/20/2005):
mkdir -p /tmp/snapshot.build/staging/singularity/image
ln -s /lib /tmp/snapshot.build/staging/singularity/image/lib
  • Install necessary headers:
list-packages #select fixpackages and hit OK
  • Build FFTW and GROMACS:
cd fftw-* # 2.1.5 works
./configure --enable-float --enable-type-prefix --enable-mpi --prefix=/usr/local
make -j2
make install
make distclean
./configure --enable-type-prefix --enable-mpi --prefix=/usr/local
make -j2
make install
cd ../gromacs-* # 3.2.1 works
make distclean
./configure --enable-mpi --enable-shared --prefix=/usr/local --exec-prefix=/usr/local
make -j2
make install

Now you should have a working copy of GROMACS in /usr/local. Enjoy!

Generating a GPG Key to Sign Packages

This has already been done in the root account on hopper. As of May 17, 2006 we will all use this key to sign packages.

Generating the Key

Quick Guide. For the far more detailed instructions from which these commands have been extracted, see How to Generate a GPG key.

gpg --gen-key
gpg --fingerprint
gpg --export --armor user@host.org > key.gpg.asc
gpg --keyserver wwwkeys.us.pgp.net --send-keys user@host.org
gpg --gen-revoke user@host.org > revoke.gpg.asc
chmod 400 revoke.gpg.asc

When finished, key.gpg.asc is your public key (if you're going to sign packages with this key in the distribution BCCD, add it to the image as a trusted key), and revoke.gpg.asc is your revocation certificate, should you need to revoke this key pair.

Making the Key Authoritative

To make your new key authoritative in the BCCD image, you need to append it to bccd/archive/garpkg/files/gar-keys.asc.

  • First, grab a copy of your key fingerprint:
tmcnulty@bccd:~$ gpg --fingerprint
/home/tmcnulty/.gnupg/pubring.gpg
---------------------------------
pub  1024R/825ADB6E 2005-06-14 Tobias McNulty (BCCD) <tmcnulty@ppckernel.org>
     Key fingerprint = 47BB 9126 6FE0 866D 11C0  AB3E 499D 4547 825A DB6E
  • Next, append the line starting with "pub" to gar-keys.asc:
tmcnulty@c15:~/bccd/archive/garpkg/files$ cat >> gar-keys.asc

pub  1024R/825ADB6E 2005-06-14 Tobias McNulty (BCCD) <tmcnulty@ppckernel.org>

<control-d>
  • Now, append gar-keys.asc with the contents of key.gpg.asc:
tmcnulty@c15:~/bccd/archive/garpkg/files$ cat ~/key.gpg.asc >> gar-keys.asc
  • You'll need to update the checksum for gar-keys.asc:
tmcnulty@c15:~/bccd/archive/garpkg/files$ md5sum gar-keys.asc >> ../checksums
tmcnulty@c15:~/bccd/archive/garpkg/files$ vim ../checksums #remove the old checksum line

Now, rebuild the ISO, upload some signed packages to the repository, and give list-packages a try!