Novell Home

Creating a Kernel Module Update Installation Source

From Developer Community

Note: GPL-licensed kernel modules built by Novell using the PLDP Build Service may be posted on a Novell site.

Contents

[edit]

Overview

A kernel module update installation source is a disk, local directory or web site used by SUSE Linux utilities to install and/or update kernel modules on users' systems. By creating a kernel module update installation source, partners can provide customers with the ability to get correct kernel module versions automatically, as part of the SUSE installation and update process. This automatic update process reduces versioning problems and greatly improves the overall customer experience.

Partners who wish to provide a kernel module installation/update source may choose to create an Add-on product or a YUM repository.

[edit]

Step-by-Step Instructions

[edit]

Creating an Add-on Product

  • Prerequisites:
  1. RPM(s) (preferably signed) built as detailed in the document /usr/src/linux/Documentation/kbuild/modules.txt and Kernel Module Packages Manual for CODE 10
  2. Download site (with public read access) or separate media for the Add-on product.
  • Create a staging directory on your local system.
  • In your staging directory, create the following directory structure: 
   <staging>/
       media.1/
       suse/
          i386/
          i486/
            .
            .
            .
          setup/
             descr/
  • Place RPMs for different supported architectures in the appropriate architecture directories.
  • Create a file "media" (containing at least the author name, creation date, and number of media) in the "media.1" directory. Example: 
   SUSE Linux Products GmbH
   20060505000500
   1
  • Create a "products" file to describe the different products and their locations on your Add-on media in the "media.1" directory. Example: 
   /                                  Product 1 Name
   product_2_directory     Product 2 Name
   product_3_directory     Product 3 Name
           .
           .
           .
  • Create directory.yast files by typing "ls -A1 -p >directory.yast" in each directory except the <staging>/suse/<arch> directories (where the RPMs are located).
  • Create MD5SUMS files by typing "md5sum * >MD5SUMS" in each <staging>/suse/<arch>/ directory.
  • Install the autoyast2-utils package.
  • From within <staging>/suse, run "create_package_descr -C" to create package description files in <staging>/suse/setup/descr/.
  • Create a <staging>/content file as detailed in Creating Add-ons. Example: 
    PRODUCT e1000 Drivers
    VERSION 1.0
    DISTPRODUCT SUSE-Linux-1.0-e1000
    DISTVERSION 1.0-0
    VENDOR SUSE LINUX Products GmbH, Nuernberg, Germany
    ARCH.i586 i586 i486 i386 noarch
    ARCH.i486 i486 i386 noarch
    ARCH.i386 i386 noarch
    DEFAULTBASE i586
    DESCRDIR suse/setup/descr
    DATADIR suse
    META SHA1 04ef39995b65f02d81d6e1cc22fffda5c3a2a40e MD5SUMS
    META SHA1 b8b7146ce7b1e957bec2978ecaa38078db400ce5 pacakges
    META SHA1 12ee25db081bf57beaef32b798262a18f9242216 packages.DU
       .
       .
       .
 Note: The "META SHA1 ..." lines list the sha1 message digests of each file in the
 <staging>/suse/setup/descr/ directory. To obtain these digest values, run "sha1sum <filename>" for each file.
  • Sign the repository as detailed in "Secure Installation Repositories" at the end of this page. Note: If you do not sign your repository, the end-user will be asked to approve its use as an installation source.
  • Using the SLES/SLED 10 YaST "Installation Sources" utility, test your directory structure by adding your staging directory as a local installation source.
  • Copy the entire contents of your staging directory to your http/ftp site or other media.
[edit]

Creating a YUM Repository

  • Prerequisites:
  1. RPM(s) (preferably signed) built as detailed in the document /usr/src/linux/Documentation/kbuild/modules.txt and Kernel Module Packages Manual for CODE 10.
  2. ftp or http site configured with public read permission.
  • Create a staging directory on your local system.
  • In your staging directory, create the following directory structure: 
        SLE10
              i586
              x86_64
              ia64
                .
                .
                .
  • Place appropriate RPMs in each of the specific architecture directories.
  • If your kernel module is not GPL you must create a license file that will be shown (in YaST and ZEN Updater) to the user to accept or reject the downloading and installing of your kernel module. To associate a license file with an RPM the license file is placed in the same directory as the RPM and given the same name as the RPM with the extension of ".eula.<LANGUAGE> (where LANGUAGE is a two character extension representing the language of the license text, with the default being english). For example, to have an english license file associated with the "myKernelModule-1.2.3-1.i386.rpm" RPM you need a license file named "myKernelModule-1.2.3-1.i386.rpm.eula.en" in the i386 directory.
  • Install the createrepo RPM. Note: If you are using license files as detailed in the above step, version 0.4.4-10 or greater of createrepo is required. If you are not using license files, the createrepo version 0.4.4-9.4 included in SLES/SLED can be used.
  • In your staging directory, run the createrepo script as follows: "createrepo ." This should create a "repodata" directory (containing the repository metadata files) in your staging directory.
  • Sign the repository as detailed in "Secure Installation Repositories" at the end of this page. Note: If you do not sign your repository, the end-user will be asked to approve its use as an installation source.
  • Using the SLES/SLED 10 YaST "Installation Sources" utility, test your directory structure by adding your staging directory as a local installation source.
  • Copy the entire contents of your staging directory to your http or ftp site.
[edit]

Secure Installation Repositories

Once the YaST or YUM repository has been created, the repository must be "signed" as detailed in How to Sign YaST and YUM Repositories. Note: If you do not sign your repository, the end-user will be prompted to accept its use as an installation source. Basic steps:

[edit]

Signing a YaST Repository

  • If you do not already have an established key, create one: 
   gpg -q --gen-key
  • Get the value of this key (temporarily store it in the MY_KEY variable): 
   MY_KEY=$( gpg --list-secret-keys | grep "^sec"|sed -e 's/.*\///;s/ .*//g;' | tail -n 1 )
  • From within your staging directory, sign the content and media.1/products files and export the key: 
   gpg --detach-sign -u "$MY_KEY" -a content
   gpg --export -a -u "$MY_KEY" > content.key
   gpg --detach-sign -u "$MY_KEY" -a media.1/products
   gpg --export -a -u "$MY_KEY" > media.1/products.key
  • Export your key: 
   gpg --export -a -u "$MY_KEY" > gpg-pubkey-MY_KEY.asc
  • In the <staging> directory, recreate the directory.yast file by typing "ls -A1 -p > directory.yast".
  • In the <staging>/media.1 directory, recreate the directory.yast file by typing "ls -A1 -p > directory.yast".
[edit]

Signing a YUM repository

  • If you do not already have an established key, create one: 
   gpg -q --gen-key
  • Get the value of this key (termporarily store it in the MY_KEY variable): 
   MY_KEY=$( gpg --list-secret-keys | grep "^sec"|sed -e 's/.*\///;s/ .*//g;'  )
  • From within your staging directory, sign the repodata/repomd.xml file: 
   gpg -a --detach-sign repodata/repomd.xml
  • Export your key: 
   gpg -a --export "$MY_KEY" > repodata/repomd.xml.key
Retrieved from "http://developer.novell.com/wiki/index.php/Creating_a_Kernel_Module_Update_Installation_Source"

Novell® Making IT Work As One

© 2010 Novell