377
edits
User:Rominet: Difference between revisions
Jump to navigation
Jump to search
m
Fix anchors so that the parts in English look more natural when moved to an English-only page
m (Ditto, forgotten ones because they were on their own lines) |
m (Fix anchors so that the parts in English look more natural when moved to an English-only page) |
||
| Line 1: | Line 1: | ||
Most end-users will probably be interested in the procedure described below, that can be used to clone a Git repository such as [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] using the SSH protocol and modify a single file so that future updates of the repository are done with the HTTPS protocol. To this date, this is the easiest way, as far as I know, to retrieve FGData in a secure and reliable way (probably because of (1) its sheer size as compared to the other repositories of the FlightGear project, and (2) some technical problems in the SourceForge Git infrastructure; other repositories can be cloned with HTTPS without any problem). This procedure is explained [[# | Most end-users will probably be interested in the procedure described below, that can be used to clone a Git repository such as [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] using the SSH protocol and modify a single file so that future updates of the repository are done with the HTTPS protocol. To this date, this is the easiest way, as far as I know, to retrieve FGData in a secure and reliable way (probably because of (1) its sheer size as compared to the other repositories of the FlightGear project, and (2) some technical problems in the SourceForge Git infrastructure; other repositories can be cloned with HTTPS without any problem). This procedure is explained [[#using-download-and-compile-sh-to-build-flightgear|in full detail in English]] and [[#alternate-method-clone-with-ssh-and-update-with-https|more summarily in French]]. | ||
Users who are willing to take the time to read moderately technical explanations may be interested in the [[#tutorial-on-ssh-public-key-authentication-and-ssh-agent|tutorial on creating a pair of SSH keys, setting up an SSH agent and using it to do all Git transfers with the SSH protocol]] (in French). This is an alternate method, is quite secure and convenient when set up, but requires users to understand a few technical points regarding SSH public key authentication. They are all explained below, though, for those who are prepared to read carefully. | Users who are willing to take the time to read moderately technical explanations may be interested in the [[#tutorial-on-ssh-public-key-authentication-and-ssh-agent|tutorial on creating a pair of SSH keys, setting up an SSH agent and using it to do all Git transfers with the SSH protocol]] (in French). This is an alternate method, is quite secure and convenient when set up, but requires users to understand a few technical points regarding SSH public key authentication. They are all explained below, though, for those who are prepared to read carefully. | ||
| Line 14: | Line 14: | ||
Pros and cons of each of these protocols: | Pros and cons of each of these protocols: | ||
* With the old <tt>git</tt> protocol, data is '''not encrypted''' and there is '''no authentication''' to guarantee that the remote computer is really the one you intended to contact. This implies in particular that malicious actors who can intercept and inject packets between your computer and the legitimate server can make you download what ''they'' want, instead of what the legitimate server would normally have sent (this is called a ''man-in-the-middle attack).'' This risk is partially mitigated in the particular case of Git, at the condition that after every update performed using the unsafe <tt>git</tt> protocol, you double-check from a known-good source that the last commit identifier you got for each branch of the downloaded repository is the same as on the legitimate server. Needless to say, nobody does that. Besides, the SHA-1 algorithm that Git uses to compute commit identifiers has been somewhat weakened during the last years<ref name=" | * With the old <tt>git</tt> protocol, data is '''not encrypted''' and there is '''no authentication''' to guarantee that the remote computer is really the one you intended to contact. This implies in particular that malicious actors who can intercept and inject packets between your computer and the legitimate server can make you download what ''they'' want, instead of what the legitimate server would normally have sent (this is called a ''man-in-the-middle attack).'' This risk is partially mitigated in the particular case of Git, at the condition that after every update performed using the unsafe <tt>git</tt> protocol, you double-check from a known-good source that the last commit identifier you got for each branch of the downloaded repository is the same as on the legitimate server. Needless to say, nobody does that. Besides, the SHA-1 algorithm that Git uses to compute commit identifiers has been somewhat weakened during the last years<ref name="Google-work-on-SHA-1">See for instance this [https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html Google report].</ref>; therefore, even if it's not the case at the time of this writing, one can't dismiss the possibility that at some point in the future, “bad guys” might be able to prepare malicious commits having the same identifier as one of the commits of the legitimate repository. For these reasons (especially the possibility of a man-in-the-middle attack), it is a good idea to avoid using the obsolete <tt>git</tt> protocol. In other words, don't use <tt>git://</tt> when you clone a Git repository. | ||
* With the <tt>https</tt> protocol, all transferred data is '''encrypted''' and, more importantly here, the server you connect to is '''authenticated.''' The main problem here is that this protocol is not well implemented at [https://sourceforge.net/ SourceForge]: cloning a large repository such as [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] using <tt>https</tt> (almost?) always fails. As far as I know, this problem doesn't happen with smaller repositories, nor does it happen when simply updating a large one that has already been cloned (it is indeed possible to clone a repository with a given protocol and later update it using another protocol; all one has to do for that is to modify the <tt>.git/config</tt> file inside the repository—this is precisely the method we are going to describe next, step by step). | * With the <tt>https</tt> protocol, all transferred data is '''encrypted''' and, more importantly here, the server you connect to is '''authenticated.''' The main problem here is that this protocol is not well implemented at [https://sourceforge.net/ SourceForge]: cloning a large repository such as [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] using <tt>https</tt> (almost?) always fails. As far as I know, this problem doesn't happen with smaller repositories, nor does it happen when simply updating a large one that has already been cloned (it is indeed possible to clone a repository with a given protocol and later update it using another protocol; all one has to do for that is to modify the <tt>.git/config</tt> file inside the repository—this is precisely the method we are going to describe next, step by step). | ||
* With the <tt>ssh</tt> protocol, all transferred data is '''encrypted''' and the server you connect to is '''authenticated''' (this is done differently, but offers similar guarantees as the <tt>https</tt> protocol). The main problem in this case, which is generally a minor one, is that in order to download via the <tt>ssh</tt> protocol, you have to authenticate ''yourself'' to the server (in contrast with <tt>https</tt>, which allows anonymous downloads). This requires you to either enter a password or to use a (public, private) pair of SSH keys—the latter method being called ''public key authentication.'' On the other hand, getting yourself authenticated to the server is an advantage for development, because this allows server administrators to possibly grant you write access to the repository, should you be able and willing to contribute to the project (i.e., administrators could then allow you to run commands such as <code>git push</code> that update the remote repository). | * With the <tt>ssh</tt> protocol, all transferred data is '''encrypted''' and the server you connect to is '''authenticated''' (this is done differently, but offers similar guarantees as the <tt>https</tt> protocol). The main problem in this case, which is generally a minor one, is that in order to download via the <tt>ssh</tt> protocol, you have to authenticate ''yourself'' to the server (in contrast with <tt>https</tt>, which allows anonymous downloads). This requires you to either enter a password or to use a (public, private) pair of SSH keys—the latter method being called ''public key authentication.'' On the other hand, getting yourself authenticated to the server is an advantage for development, because this allows server administrators to possibly grant you write access to the repository, should you be able and willing to contribute to the project (i.e., administrators could then allow you to run commands such as <code>git push</code> that update the remote repository). | ||
| Line 22: | Line 22: | ||
Another option is to use the <tt>ssh</tt> protocol in all cases. If you use an SSH agent in conjunction with public key authentication, this is quite a fine solution. But in case you don't, this method would require you to enter your SourceForge password every time a Git command needs to contact the remote server—assuming all repositories you work with are hosted there, which is the case for the FlightGear core repositories. Needless to say, this would be quite cumbersome unless you rarely interact with the remote server. Since setting up public key authentication requires more learning and work for users who are not already familiar with it, we are going to present the easier method here: using the <tt>ssh</tt> protocol for cloning [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] (i.e., ''only for the initial download)'' and <tt>https</tt> for all other communications initiated by the Git client on your computer. For those interested, the method based on public key authentication is explained in detail in French [[#tutorial-on-ssh-public-key-authentication-and-ssh-agent|on this very page]]. | Another option is to use the <tt>ssh</tt> protocol in all cases. If you use an SSH agent in conjunction with public key authentication, this is quite a fine solution. But in case you don't, this method would require you to enter your SourceForge password every time a Git command needs to contact the remote server—assuming all repositories you work with are hosted there, which is the case for the FlightGear core repositories. Needless to say, this would be quite cumbersome unless you rarely interact with the remote server. Since setting up public key authentication requires more learning and work for users who are not already familiar with it, we are going to present the easier method here: using the <tt>ssh</tt> protocol for cloning [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData] (i.e., ''only for the initial download)'' and <tt>https</tt> for all other communications initiated by the Git client on your computer. For those interested, the method based on public key authentication is explained in detail in French [[#tutorial-on-ssh-public-key-authentication-and-ssh-agent|on this very page]]. | ||
=== <span id=" | === <span id="getting-started-with-download-and-compile-sh"></span> Getting started with <tt>download_and_compile.sh</tt> === | ||
This text in this section corresponds to the method described in [https://sourceforge.net/p/flightgear/mailman/message/36633375/ this message] on the <tt>flightgear-devel</tt> mailing list. It is more detailed, though, and should hopefully be easier to follow for non-experts. | This text in this section corresponds to the method described in [https://sourceforge.net/p/flightgear/mailman/message/36633375/ this message] on the <tt>flightgear-devel</tt> mailing list. It is more detailed, though, and should hopefully be easier to follow for non-experts. | ||
{{Note|<tt>download_and_compile.sh</tt> is a [https://www.gnu.org/software/bash/ Bash] script written for [https://www.debian.org/ Debian]-derived distributions ([https://www.ubuntu.com/ Ubuntu], [https://devuan.org/ Devuan], [https://www.linuxmint.com/ Linux Mint], etc.). By default, in uses <tt>sudo</tt> and installs packages with <tt>apt-get</tt>. If you are not using a Debian-derived distribution, <tt>download_and_compile.sh</tt> is not for you (though inspecting [https://sourceforge.net/p/flightgear/fgmeta/ci/next/tree/download_and_compile.sh the script] at the point where it installs packages<ref name=" | {{Note|<tt>download_and_compile.sh</tt> is a [https://www.gnu.org/software/bash/ Bash] script written for [https://www.debian.org/ Debian]-derived distributions ([https://www.ubuntu.com/ Ubuntu], [https://devuan.org/ Devuan], [https://www.linuxmint.com/ Linux Mint], etc.). By default, in uses <tt>sudo</tt> and installs packages with <tt>apt-get</tt>. If you are not using a Debian-derived distribution, <tt>download_and_compile.sh</tt> is not for you (though inspecting [https://sourceforge.net/p/flightgear/fgmeta/ci/next/tree/download_and_compile.sh the script] at the point where it installs packages<ref name="note-inspecting-download-and-compile-sh-to-gather-build-dependency-information">Look for strings such as <tt>zlib1g-dev</tt>, <tt>libglew-dev</tt> or <tt>qt5-default</tt>.</ref> can be useful on other systems to find up-to-date build-dependencies of FlightGear and related software).}} | ||
We'll first explain how to get <tt>download_and_compile.sh</tt> in a way that makes updates easy and causes the command <code>download_and_compile.sh --version</code> to work as intended (the “version” is a Git blob id such as <tt>6a5e4f05e2ccf27115eec58313be027b11266097</tt><ref name=" | We'll first explain how to get <tt>download_and_compile.sh</tt> in a way that makes updates easy and causes the command <code>download_and_compile.sh --version</code> to work as intended (the “version” is a Git blob id such as <tt>6a5e4f05e2ccf27115eec58313be027b11266097</tt><ref name="note-on-download-and-compile-sh-version-being-a-Git-blob-id">This looks like, but is ''not'' a Git commit identifier. This kind of “version number” is admittedly not very pretty, but it doesn't pollute Git commits (the diffs) and is automatically updated by Git every time you update <tt>download_and_compile.sh</tt> the way we are going to present; thus, the advantages compensate for the ugliness.</ref>). Then we'll show how to clone the large [https://sourceforge.net/p/flightgear/fgdata/ref/next/ FGData] repository, and finally give the last instructions to get FlightGear up and running. | ||
==== <span id=" | ==== <span id="getting-started-with-download-and-compile-sh-notations"></span> Notations ==== | ||
When a command should be run as an unpriviledged user, it will be preceded by a dollar sign: | When a command should be run as an unpriviledged user, it will be preceded by a dollar sign: | ||
| Line 39: | Line 39: | ||
root | root | ||
==== <span id=" | ==== <span id="getting-download-and-compile-sh-the-right-way"></span> Getting <tt>download_and_compile.sh</tt> the “right way” ==== | ||
Go to a directory (folder) of your choice. Let's assume it is <tt>~/flightgear</tt>, but really, you can choose whatever you want. Now clone the [https://sourceforge.net/p/flightgear/fgmeta/ci/next/tree/ FGMeta] repository: | Go to a directory (folder) of your choice. Let's assume it is <tt>~/flightgear</tt>, but really, you can choose whatever you want. Now clone the [https://sourceforge.net/p/flightgear/fgmeta/ci/next/tree/ FGMeta] repository: | ||
| Line 84: | Line 84: | ||
If your changes conflict with the update, Git will tell you and you'll have to resolve the conflict manually (look for “Git resolve conflict” on your favorite search engine)... or start again from a pristine FGMeta clone. | If your changes conflict with the update, Git will tell you and you'll have to resolve the conflict manually (look for “Git resolve conflict” on your favorite search engine)... or start again from a pristine FGMeta clone. | ||
==== <span id=" | ==== <span id="using-download-and-compile-sh-to-build-flightgear"></span> Using <tt>download_and_compile.sh</tt> to build FlightGear ==== | ||
For the method described below, you'll need an account at [https://sourceforge.net/ SourceForge]. If you don't already have one, go to the [https://sourceforge.net/user/registration registration page] and create an account. In all this section, we'll assume that your account name at SourceForge is ''username''. | For the method described below, you'll need an account at [https://sourceforge.net/ SourceForge]. If you don't already have one, go to the [https://sourceforge.net/user/registration registration page] and create an account. In all this section, we'll assume that your account name at SourceForge is ''username''. | ||
| Line 269: | Line 269: | ||
In case you find this tedious to type or have more arguments to pass on a regular basis, you can follow the advice given at the end of [https://sourceforge.net/p/flightgear/mailman/message/36634426/ this message] or use another launcher such as [[FFGo]] (but the [[FlightGear Qt launcher|FlightGear built-in launcher]] started with <code>run_fgfs.sh --launcher</code> is quite fine, be sure to try it first!). | In case you find this tedious to type or have more arguments to pass on a regular basis, you can follow the advice given at the end of [https://sourceforge.net/p/flightgear/mailman/message/36634426/ this message] or use another launcher such as [[FFGo]] (but the [[FlightGear Qt launcher|FlightGear built-in launcher]] started with <code>run_fgfs.sh --launcher</code> is quite fine, be sure to try it first!). | ||
==== <span id=" | ==== <span id="using-download-and-compile-sh-to-update-flightgear"></span> Using <tt>download_and_compile.sh</tt> to update FlightGear ==== | ||
Just go to the directory from which you you previously ran <tt>download_and_compile.sh</tt>. This is the folder we called ''$dir'' in the previous section which, if you did a complete run of <tt>download_and_compile.sh</tt>, contains the <tt>run_fgfs.sh</tt> executable and a log file of what <tt>download_and_compile.sh</tt> did in its last run, named <tt>compilation_log.txt</tt>. If you wish to update, say, [https://sourceforge.net/p/flightgear/simgear/ci/next/tree/ SimGear], [https://sourceforge.net/p/flightgear/flightgear/ci/next/tree/ FlightGear] and [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData], simply execute this: | Just go to the directory from which you you previously ran <tt>download_and_compile.sh</tt>. This is the folder we called ''$dir'' in the previous section which, if you did a complete run of <tt>download_and_compile.sh</tt>, contains the <tt>run_fgfs.sh</tt> executable and a log file of what <tt>download_and_compile.sh</tt> did in its last run, named <tt>compilation_log.txt</tt>. If you wish to update, say, [https://sourceforge.net/p/flightgear/simgear/ci/next/tree/ SimGear], [https://sourceforge.net/p/flightgear/flightgear/ci/next/tree/ FlightGear] and [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData], simply execute this: | ||
| Line 281: | Line 281: | ||
* compile each selected component that requires compilation; | * compile each selected component that requires compilation; | ||
* install each selected component in the appropriate place under ''$dir''. | * install each selected component in the appropriate place under ''$dir''. | ||
In case you don't have all required dependencies for the selected components, one of them is likely to fail, of course, since by passing <code>-pn</code> to <tt>download_and_compile.sh</tt>, you forbade it to install these dependencies for you. So, you can also very well update without passing the <code>-pn</code> option, it will simply take a little longer (the time to check if all dependencies of the selected components are available with <tt>APT</tt>). In fact, this is '''what you should do if the previous <tt>download_and_compile.sh</tt> run failed:''' first update <tt>download_and_compile.sh</tt> (see [[# | In case you don't have all required dependencies for the selected components, one of them is likely to fail, of course, since by passing <code>-pn</code> to <tt>download_and_compile.sh</tt>, you forbade it to install these dependencies for you. So, you can also very well update without passing the <code>-pn</code> option, it will simply take a little longer (the time to check if all dependencies of the selected components are available with <tt>APT</tt>). In fact, this is '''what you should do if the previous <tt>download_and_compile.sh</tt> run failed:''' first update <tt>download_and_compile.sh</tt> (see [[#getting-download-and-compile-sh-the-right-way|above]]) then run it ''without'' <code>-pn</code><ref name="passing-no-pn-option-equals-passing-py">Which is the same as passing <code>-py</code>.</ref> in case new dependencies have been recently added and you don't have them on your system yet—this would be a very likely cause for the failure. | ||
'''Summary''' | '''Summary''' | ||
| Line 287: | Line 287: | ||
Routine update: | Routine update: | ||
$ download_and_compile.sh -pn ''COMPONENT...'' | $ download_and_compile.sh -pn ''COMPONENT...'' | ||
In case this fails, first update <tt>download_and_compile.sh</tt> (see [[# | In case this fails, first update <tt>download_and_compile.sh</tt> (see [[#getting-download-and-compile-sh-the-right-way|above]]), then run | ||
$ download_and_compile.sh ''COMPONENT...'' | $ download_and_compile.sh ''COMPONENT...'' | ||
where ''COMPONENT...'' stands for the space-separated list of selected components, and defaults to <tt>SIMGEAR FGFS DATA</tt> if you don't specify any. | where ''COMPONENT...'' stands for the space-separated list of selected components, and defaults to <tt>SIMGEAR FGFS DATA</tt> if you don't specify any. | ||
| Line 316: | Line 316: | ||
Avantages et inconvénients des trois protocoles : | Avantages et inconvénients des trois protocoles : | ||
* Avec le vieux protocole <tt>git</tt>, les données transférées ne sont pas chiffrées et le serveur n'est pas authentifié. Cela signifie que quelqu'un qui est « bien situé » sur le réseau peut non seulement voir ce que vous téléchargez, mais aussi qu'il peut se faire passer pour le site depuis lequel vous croyez télécharger. Le deuxième point est assez embêtant, car il signifie qu'on peut vous refiler un dépôt contenant un malware (virus, cheval de Troie, etc.). Ce risque est potentiellement limité dans le cas particulier d'un dépôt Git, à condition de vérifier le hash du dernier commit après chaque mise à jour de chaque dépôt et de le comparer à une source sûre (qui fait cela ?). Et encore, l'algorithme utilisé pour les hash des commits Git, SHA-1, a déjà été beaucoup étudié<ref name="Google-work-on-SHA-1">Voir par exemple ces [https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html travaux de Google].</ref> ; il n'est pas exclu qu'un de ces jours, on puisse fabriquer un commit foireux qui a le « bon hash », c'est-à-dire celui du dernier commit dans le dépôt officiel. Pour cette raison, il vaut mieux éviter ce protocole. | * Avec le vieux protocole <tt>git</tt>, les données transférées ne sont pas chiffrées et le serveur n'est pas authentifié. Cela signifie que quelqu'un qui est « bien situé » sur le réseau peut non seulement voir ce que vous téléchargez, mais aussi qu'il peut se faire passer pour le site depuis lequel vous croyez télécharger. Le deuxième point est assez embêtant, car il signifie qu'on peut vous refiler un dépôt contenant un malware (virus, cheval de Troie, etc.). Ce risque est potentiellement limité dans le cas particulier d'un dépôt Git, à condition de vérifier le hash du dernier commit après chaque mise à jour de chaque dépôt et de le comparer à une source sûre (qui fait cela ?). Et encore, l'algorithme utilisé pour les hash des commits Git, SHA-1, a déjà été beaucoup étudié<ref name="fr-Google-work-on-SHA-1">Voir par exemple ces [https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html travaux de Google].</ref> ; il n'est pas exclu qu'un de ces jours, on puisse fabriquer un commit foireux qui a le « bon hash », c'est-à-dire celui du dernier commit dans le dépôt officiel. Pour cette raison, il vaut mieux éviter ce protocole. | ||
* Avec le protocole <tt>https</tt>, les données transférées sont chiffrées et le serveur est authentifié. Le principal problème est que ce protocole n'a pas l'air parfaitement implémenté chez [https://sourceforge.net/ SourceForge] : il est souvent impossible de cloner un dépôt très volumineux comme [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData]. Pas de problème avec les dépôts de taille plus modeste à ma connaissance. Pas de problème non plus, en général, pour mettre à jour un dépôt volumineux déjà cloné (il est possible de cloner avec un protocole et mettre à jour avec un autre : il suffit de modifier le fichier <tt>.git/config</tt> à l'intérieur d'un dépôt pour changer le protocole utilisé lors des mises à jour). | * Avec le protocole <tt>https</tt>, les données transférées sont chiffrées et le serveur est authentifié. Le principal problème est que ce protocole n'a pas l'air parfaitement implémenté chez [https://sourceforge.net/ SourceForge] : il est souvent impossible de cloner un dépôt très volumineux comme [https://sourceforge.net/p/flightgear/fgdata/ci/next/tree/ FGData]. Pas de problème avec les dépôts de taille plus modeste à ma connaissance. Pas de problème non plus, en général, pour mettre à jour un dépôt volumineux déjà cloné (il est possible de cloner avec un protocole et mettre à jour avec un autre : il suffit de modifier le fichier <tt>.git/config</tt> à l'intérieur d'un dépôt pour changer le protocole utilisé lors des mises à jour). | ||
* Avec le protocole <tt>ssh</tt>, les données transférées sont chiffrées et le serveur est authentifié. Le principal problème est que pour utiliser ce protocole, il faut soi-même s'authentifier auprès du serveur (alors que l'on peut lire « anonymement » avec <tt>https</tt>), ce qui nécessite soit d'entrer un mot de passe, soit d'utiliser une paire de clés privée/publique. C'est en revanche un avantage pour le développement, car l'authentification permet d'exécuter des commandes <code>git push</code> si le serveur est configuré pour vous autoriser à le faire. | * Avec le protocole <tt>ssh</tt>, les données transférées sont chiffrées et le serveur est authentifié. Le principal problème est que pour utiliser ce protocole, il faut soi-même s'authentifier auprès du serveur (alors que l'on peut lire « anonymement » avec <tt>https</tt>), ce qui nécessite soit d'entrer un mot de passe, soit d'utiliser une paire de clés privée/publique. C'est en revanche un avantage pour le développement, car l'authentification permet d'exécuter des commandes <code>git push</code> si le serveur est configuré pour vous autoriser à le faire. | ||