Ubuntu 18.04中的apt-get版本為1.6.8。 如果你使用的ubuntu版本較低,apt版本低於1.5,可使用簡單的方法配置本地源。簡單方法見第二部分。
第一部分,ubuntu18.04上制作本地源
步驟有:
一 創建目錄:mkdir repository
二 拷貝deb文件到目錄 cp /path/to/*.deb repository/
三 進入目錄生成索引文件及Release文件
cd repository
apt-ftparchive packages . > Packages
apt-ftparchive release . > Release
四 生成簽名
gpg --clearsign -o InRelease Release
root@serverdeb:/media/debs# gpg --clearsign -o InRelease Release gpg: no default secret key: Unusable secret key gpg: Release: clear-sign failed: Unusable secret key
說明需要生成gpg簽名,步驟如下:
1. gpg --gen-key
對於生成簽名,詳細見如下:https://blog.csdn.net/qdujunjie/article/details/48291017
如果生成簽名卡住(原因詳見:https://www.cnblogs.com/styshoo/p/6415939.html),執行如下命令:rng -r /dev/urandom /// 前提是安裝:apt-get install rng-tools
2. gpg -a --export pub_id | apt-key add -
root@server10:/media/debs# apt-get update
Get:1 file:/media/debs InRelease [1912 B]
Get:1 file:/media/debs InRelease [1912 B]
Err:1 file:/media/debs InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5789843F6B61B0B4
Hit:2 http://apt.postgresql.org/pub/repos/apt xenial-pgdg InRelease
Reading package lists... Done
gpg -a --export 5789843F6B61B0B4 | apt-key add - ///其中pub key可用gpg --list-keys查到
五 gpg -abs -o Release.gpg Release
最后執行apt-get update的輸出如下 :
root@server10:/media/debs# apt-get updateGet:1 file:/media/debs InRelease [1912 B]
Get:1 file:/media/debs InRelease [1912 B]
Get:2 file:/media/debs Packages [74.1 kB]
Hit:3 http://apt.postgresql.org/pub/repos/apt xenial-pgdg InRelease
Reading package lists... Done
第二部分 無簽名本地源制作
(1)清理apt的下載緩存區。
sudo rm -rf /var/cache/apt/archives/*
(2)下載所需要的組件
sudo apt-get -d install <包名>
(3)創建一個目錄,將下載的包拷貝到該目錄下
cp -r /var/cache/apt/archives /yout-path
(4)修改目錄權限
chmod 777 -R /your-path
(5)建立deb包的依賴關系
sudo touch /your-path/Packages.gz
sudo dpkg-scanpackages /your-path/ /dev/null | gzip > /your-path/Packages.gz
(6)將所有下載的文件和生成的gz文件拷貝到離線的ubuntu機器上,將/etc/apt/sources.list原有內容注釋掉,新增:
(7)執行sudo apt-get update,之后就可以直接使用apt-get install 包名 來安裝了
如果上面的步驟中報錯說
FYI:
modified by people who have no access to the Release file signing key. Starting with version 1.1 APT requires repositories to provide recent authentication information for
unimpeded usage of the repository. Since version 1.5 changes in the information contained in the Release file about the repository need to be confirmed before APT continues to
apply updates from this repository.
· Create a toplevel Release file, if it does not exist already. You can do this by running apt-ftparchive release (provided in apt-utils).
· Sign it. You can do this by running gpg --clearsign -o InRelease Release and gpg -abs -o Release.gpg Release.
· Publish the key fingerprint, so that your users will know what key they need to import in order to authenticate the files in the archive. It is best to ship your key in its
own keyring package like Ubuntu does with ubuntu-keyring to be able to distribute updates and key transitions automatically later.
· Provide instructions on how to add your archive and key. If your users can't acquire your key securely the chain of trust described above is broken. How you can help users
add your key depends on your archive and target audience ranging from having your keyring package included in another archive users already have configured (like the default
repositories of their distribution) to leveraging the web of trust.
Whenever the contents of the archive change (new packages are added or removed) the archive maintainer has to follow the first two steps outlined above.