View Single Post
Old 02-19-2011, 10:06 PM   #14
Junior Member
ths began at the beginning.
Posts: 5
Karma: 10
Join Date: Feb 2011
Device: Kindle 3
Originally Posted by yifanlu View Post
It would be "cleaner" if you use symbolic links (no two copies of the file). Or does amazon's OS doesn't read links?

ln -s "$KEY_DIR/pubprodkey01.pem.$ACTIVE" "$KEY_DIR/pubprodkey01.pem"
ln -s "$KEY_DIR/pubprodkey02.pem.$ACTIVE" "$KEY_DIR/pubprodkey02.pem"
Cleaner, maybe. The important thing is to be safe, and ensure that you don't leave the system in a state where neither key is valid. I guess using symlinks might help in that regard, although there's the slightly scary possibility that a future update might specifically avoid reading symlinks, or might just decide to delete everything from /etc/uks except the two known keys.

Now I'm thinking about it, maybe the smartest thing to do would be to bind-mount /etc/uks to a directory under /mnt/us. That way, you'd avoid touching the original files at all; to switch between official and unofficial keys, all you'd need to do would be to rename a directory and reboot. There'd no need to modify the root FS except during the initial installation.
ths is offline   Reply With Quote