public
/
docs
5
0
Fork 0
Code Issues 21 Pull Requests 2 Packages Projects Releases Wiki Activity

fix sdtool doc numbering

This commit is contained in:
Anton Livaja 2024-12-19 15:03:41 -05:00
parent 5b4bbaee51
commit b3197be647
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
2 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
quorum-key-management/src/generated-documents/level-2/fixed-location/provisioner/procure-hardware.md
View File

@ -71,6 +71,8 @@ SD cards don't require special chain of custody, but ideally should be purchased
## AirgapOS ## AirgapOS
An SD card with AirgapOS written to it will be required to run ceremonies.
{{ #include ../../../../one-time-use-airgapos.md:steps }} {{ #include ../../../../one-time-use-airgapos.md:steps }}
## Computer Procurement ## Computer Procurement

26
quorum-key-management/src/sdtool-instructions.md
View File

@ -8,22 +8,22 @@
This tool is also available via [stagex](https://registry.hub.docker.com/r/stagex/sdtool). The binary can be exported from the image by doing the following: This tool is also available via [stagex](https://registry.hub.docker.com/r/stagex/sdtool). The binary can be exported from the image by doing the following:
// ANCHOR: steps // ANCHOR: steps
* Get deterministically built binary of `sdtool` from StageX: 1. Get deterministically built binary of `sdtool` from StageX:
* `docker pull stagex/sdtool` * `docker pull stagex/sdtool`
* Extracting binary: 1. Extracting binary:
* Run docker container: `docker run -p 4000:80 --name sdtool stagex/sdtool` * Run docker container: `docker run -p 4000:80 --name sdtool stagex/sdtool`
* This will error out the first time, run the command again and then you will get an error that's different that looks like this: `docker: Error response from daemon: Conflict. The container name "/sdtool" is already in use by container "679a52775dfce91f66d8894925449242eacbf4b0aeccaf2effe2c5e213e60a6b". You have to remove (or rename) that container to be able to reuse that name.`. Copy the container ID from the error message and use it in the next command * This will error out the first time, run the command again and then you will get an error that's different that looks like this: `docker: Error response from daemon: Conflict. The container name "/sdtool" is already in use by container "679a52775dfce91f66d8894925449242eacbf4b0aeccaf2effe2c5e213e60a6b". You have to remove (or rename) that container to be able to reuse that name.`. Copy the container ID from the error message and use it in the next command
* This issue occurs because of bin/sh missing in the image so we can't run the container properly * This issue occurs because of bin/sh missing in the image so we can't run the container properly
* Copy image to tar: `docker export <container_id> -o sdtool.tar` * Copy image to tar: `docker export <container_id> -o sdtool.tar`
* Extract binary from tar: `mkdir -p sdtool-dir | tar -xvf sdtool.tar -C sdtool-dir | cp sdtool-dir/usr/bin/sdtool ./sdtool` * Extract binary from tar: `mkdir -p sdtool-dir | tar -xvf sdtool.tar -C sdtool-dir | cp sdtool-dir/usr/bin/sdtool ./sdtool`
* You can verify the container hash: * You can verify the container hash:
* To get container hash: `docker inspect --format='{{json .RepoDigests}}' stagex/sdtool` * To get container hash: `docker inspect --format='{{json .RepoDigests}}' stagex/sdtool`
* Check the [signatures dir](https://codeberg.org/stagex/stagex/src/branch/main/signatures/stagex) in stagex project for latest signed hashes * Check the [signatures dir](https://codeberg.org/stagex/stagex/src/branch/main/signatures/stagex) in stagex project for latest signed hashes
* `./sdtool /dev/mmcblk permlock` 1. `./sdtool /dev/mmcblk permlock`
* Test that the card can't be written to: 1. Test that the card can't be written to:
* `dd if=out/airgap.iso of=/dev/sdb bs=1M conv=sync status=progress` * `dd if=out/airgap.iso of=/dev/sdb bs=1M conv=sync status=progress`