You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2012-04-13 20:24:13
- Anatta
- Member
- Registered: 2012-04-13
- Posts: 4
Secure arch install
Hey!
Today i was checking how far the package signing has
progressed in a vm. I did a full install with my usual packages
and everything i need seems to be signed now, so i decided
to install arch on my machine again.
To do a real secure install i need a current core iso image i think.
I guess the netinstall iso is not checking package signatures or
has any security machanism. So i tried to get a current image from
releng.archlinux.org/isos/
I tried nearly all of them, but it looks like every single one is broken.
When formatting and setting mount points, every partition is shown
two times and if i try to modify them, it has no effect at all.
Is there anything else i could do or anything to fix the issue with the core images?
Thanks
Anatta
Offline
#2 2012-04-13 20:45:09
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: Secure arch install
Welcome to the forums.
If your goal is to do a "secure install", why don't you simply use a netinstall iso and setup keysigning before installing?
Burninate!
Offline
#3 2012-04-13 20:50:34
- Anatta
- Member
- Registered: 2012-04-13
- Posts: 4
Re: Secure arch install
I sure would do that, if i knew that this
was possible. ^^
So if i just setup key signing this will be considered
by the installer?
Edit: Doesn't this mean that i have to use one of the current isos again?
After all pacman needs to be at version 4
Thanks
Last edited by Anatta (2012-04-13 20:53:58)
Offline
#4 2012-04-13 21:10:39
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: Secure arch install
So if i just setup key signing this will be considered
by the installer?
Yes. The installer basically uses the pacman (and config) that's included in the aif.
Edit: Doesn't this mean that i have to use one of the current isos again?
After all pacman needs to be at version 4
I completely overlooked that fact. You're right, pacman will indeed need to be at version 4. However, the daily snapshots should contain pacman 4 by default.
Burninate!
Offline
#5 2012-04-13 21:18:40
- Anatta
- Member
- Registered: 2012-04-13
- Posts: 4
Re: Secure arch install
So i did a try with a daily snapthot of the netinstall iso.
Sadly it contains the same bug as the core images (see my first post).
Offline
#6 2012-04-13 21:53:01
- alphaniner
- Member
- From: Ancapistan
- Registered: 2010-07-12
- Posts: 2,810
Re: Secure arch install
If you're just doing a test, try the auto-prepare.
Alternatively, use LVM. I just installed from the 04.12 netinstall, and LVM lvs were not affected by the bug. I had to configure the partition for /boot manually, but that was easy enough.
Last edited by alphaniner (2012-04-13 21:55:44)
But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist.
-Lysander Spooner
Offline
#7 2012-04-13 21:54:46
- Anatta
- Member
- Registered: 2012-04-13
- Posts: 4
Re: Secure arch install
Yes, that's how i did test and that works
fine. But now i want to acutally install arch
on my hd so i need to do it manually.
Offline
Pages: 1