User Tools

Site Tools


wiki:repositories:raspbian

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
wiki:repositories:raspbian [2016/11/24 12:04]
ionic Raspbianize.
wiki:repositories:raspbian [2019/09/12 17:12]
ionic Sync with repositories:archives:debian.
Line 1: Line 1:
 ====== X2Go Packages for Raspbian GNU/Linux ====== ====== X2Go Packages for Raspbian GNU/Linux ======
  
-To get started you'll need to configure your local system to access the official X2Go Debian repository. Please keep in mind that this installation manual will guide you through the installation on a Raspbian jessie system. Only the armhf architecture is supported.+To get started you'll need to configure your local system to access the official X2Go Raspbian repository. Please keep in mind that this installation manual will guide you through the installation on a Raspbian jessie, stretch or buster system. Only the armhf architecture is supported.
  
  
 ===== Adding This Repository To Your Package System ===== ===== Adding This Repository To Your Package System =====
  
-==== Adding the Repository GPG Keys ====+==== Bootstrapping the Repository GPG Keys ====
  
-Before starting to edit your system configuration, you'll need to add the needed GPG keys of the repository. Please switch to a user which has administrator privileges on your system in your preferred command line client:+<note important>X2Go Packages for Debian and the repository metadata are signed with a GPG key to counter Man-in-the-Middle attacks. If you install X2Go components for the first time on a machine, you will have to bootstrap the repository and package signing key first in order for apt to validate the downloaded repository metadata and use it.</note> 
 + 
 +Please switch to a user which has administrator privileges on your system in your preferred command line client:
  
 <code bash> <code bash>
Line 19: Line 21:
  
  
-The following commands will ensure that your system will be able to work with the repository archive key. We have also provided our archive key and the X2Go maintainers' keys in a keyring package called ''x2go-keyring'' (see below). If you choose to install that package you can skip these first steps... +The following command will ensure that your system will be able to work with the repository archive key.
 <code bash> <code bash>
 $ apt-key adv --recv-keys --keyserver keys.gnupg.net E1F958385BFE2B6E $ apt-key adv --recv-keys --keyserver keys.gnupg.net E1F958385BFE2B6E
Line 29: Line 30:
 Please add the file ''x2go.list'' to the folder ''/etc/apt/sources.list.d/''. Please add the file ''x2go.list'' to the folder ''/etc/apt/sources.list.d/''.
 This can be done by using your preferred editor. This can be done by using your preferred editor.
 +
 +<note>If you have not gotten a directory named ''/etc/apt/sources.list.d/'' add the lines to ''/etc/apt/sources.list''.</note>
  
 <code bash> <code bash>
Line 34: Line 37:
 </code> </code>
  
-Then add the X2Go repository (binaries and sources) as a couple of new lines (example for Debian **jessie**):+Then add the X2Go repository (binaries and sources) as a couple of new lines (example for Raspbian **stretch**):
  
 <file - x2go.list> <file - x2go.list>
 # X2Go Repository (release builds) # X2Go Repository (release builds)
-deb http://packages.x2go.org/raspbian jessie main+deb http://packages.x2go.org/raspbian stretch main
 # X2Go Repository (sources of release builds) # X2Go Repository (sources of release builds)
-deb-src http://packages.x2go.org/raspbian jessie main+deb-src http://packages.x2go.org/raspbian stretch main 
 + 
 +# X2Go Repository (Saimaa ESR builds) 
 +#deb http://packages.x2go.org/raspbian stretch saimaa 
 +# X2Go Repository (sources of release builds) 
 +#deb-src http://packages.x2go.org/raspbian stretch saimaa
  
 # X2Go Repository (nightly builds) # X2Go Repository (nightly builds)
-#deb http://packages.x2go.org/raspbian jessie heuler+#deb http://packages.x2go.org/raspbian stretch heuler
 # X2Go Repository (sources of nightly builds) # X2Go Repository (sources of nightly builds)
-#deb-src http://packages.x2go.org/raspbian jessie heuler+#deb-src http://packages.x2go.org/raspbian stretch heuler
 </file> </file>
  
 +**Edit this new data** and make sure to uncomment desired components and comment non-desired components. Only one group may be active at a given time.
  
-**Note:** If you have not got a folder ''/etc/apt/sources.list.d/'' add the lines to ''/etc/apt/sources.list''.+<note warning>While we do offer pseudo-codenames like ''oldstable'', ''stable'', ''testing'' and ''unstable'' for convenience, you **should not use them**. Our pseudo-codename setup is not guaranteed to be in sync with Debian's releases, so using the ''stable'' codename might mean that you will actually get packages for what Debian calls ''oldstable'' after a new Debian distro release for a considerable amount of time.</note> 
 + 
 +<note warning>Switching between components usually requires uninstalling all X2Go packages first! The only upgrade path that is considered somewhat safe is main (release packages) to heuler (nightly packages), but there are no guarantees regarding the stability or usefulness of nightly packages.</note>
  
 ==== Synchronize the Newly Added Repository's Metadata ==== ==== Synchronize the Newly Added Repository's Metadata ====
Line 58: Line 69:
 $ apt-get update $ apt-get update
 </code> </code>
 +
 +<note important>If you were unable to bootstrap the repository GPG key previously, apt-get will fail to validate the signatures and discard the downloaded repository metadata.
 +\\ \\ 
 +**Not being able to verify signatures means that any content downloaded from the remote location could be injected/offered by a malicious third party and need not come from the X2Go Project. This includes repository metadata and any packages downloaded from unauthenticated repositories. Installing the x2go-keyring package from an unauthenticated repository bears the chance that this is not our package but a malicious third-party one which will not contain our public keys. This holds for all packages installed from this repository, now and later.**
 +\\ \\ 
 +You can bypass apt's internal checks **if you understand the implications** and are ready to take the risk by **once** using:
 +\\ \\ 
 +<code bash>
 +$ apt-get update --allow-insecure-repositories
 +</code>
 +
 +Otherwise, please try to first fetch the key again as outlined in the bootstrapping instructions.
 +</note>
  
 After the update you should be able to access the X2Go packages via the apt command family. As a first action you should install our ''x2go-keyring'' package and refresh the apt cache: After the update you should be able to access the X2Go packages via the apt command family. As a first action you should install our ''x2go-keyring'' package and refresh the apt cache:
wiki/repositories/raspbian.txt · Last modified: 2019/09/12 17:13 by ionic