debian/README.source


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

If you need to make an NMU, you'll first have to create a key-pair
and certificate.

1. Set REGDB_AUTHOR to the address you use in the Debian changelog:
       REGDB_AUTHOR="example@debian.org"
2. Generate the private key by running:
       make REGDB_AUTHOR="$REGDB_AUTHOR" ~/".wireless-regdb-$REGDB_AUTHOR.key.priv.pem"
3. Generate the public key by running:
       make REGDB_AUTHOR="$REGDB_AUTHOR" "$REGDB_AUTHOR.key.pub.pem"
4. Generate a certificate by running:
       openssl req -new -key ~/.wireless-regdb-"$REGDB_AUTHOR.key.priv.pem" \
           -days 36500 -utf8 -nodes -batch -x509 \
           -outform PEM -out "$REGDB_AUTHOR.x509.pem" \
           -config <(cat <<-EOF
               [ req ]
               distinguished_name = req_distinguished_name
               string_mask = utf8only
               prompt = no
               [ req_distinguished_name ]
               commonName = $REGDB_AUTHOR
               EOF
           )
5. Add the certificate to the linux package and regenerate
   debian/patches/debian/wireless-add-debian-wireless-regdb-certificates.patch
   as documented in its patch header.

When preparing a source package, you must run 'debian/rules sign' to
create a detached signature so that the private key is not needed when
building the binary package.

 -- Ben Hutchings <benh@debian.org>, Sat, 22 Jan 2022 16:50:24 +0100