Extract gnutls library files of tar.xz and tar.lz for ubuntu 10.04 LTS

后端 未结 5 1231
夕颜
夕颜 2021-02-12 19:02

I am very new to linux platform and I want to extract gnutls for ubuntu. If I do,

$ls

then, it will show these files below.

gnu         


        
相关标签:
5条回答
  • 2021-02-12 19:17

    You can resolve with:

    # The lzip page is: http://lzip.nongnu.org/lzip.html
    # Download the lzip:
    wget http://download.savannah.gnu.org/releases/lzip/lzip-1.15.tar.gz
    # decompress:
    tar xvf lzip-1.15.tar.gz
    cd lzip-1.15
    # configure / build
    ./configure --prefix=/usr
    make
    # install
    sudo make install
    
    # now you can unzip with 
    tar xvf gmp-5.1.3.tar.lz
    
    0 讨论(0)
  • 2021-02-12 19:19

    First to extract xz files, you need install xz-utils. If are in debian or ubuntu:

    sudo apt-get install xz-utils

    Now you can extract files using:

    tar -xJf file_name.xz

    0 讨论(0)
  • 2021-02-12 19:24
    tar --lzip -xvf gmp-5.1.2.tar.lz
    

    Worked for me

    As mentioned below in the comments, you might have to install the library before the command will work:

    sudo apt-get install lzip
    
    0 讨论(0)
  • 2021-02-12 19:28
    1. Install lzip.

    2. Launch the following command that creates xxx.tar file and deletes the xxx.tar.lz file after extracting:

      lzip -d xxx.tar.lz 
      
    3. Launch the following command to finally untar:

      tar zxvf xxx.tar
      
    0 讨论(0)
  • 2021-02-12 19:34

    Why there are two types of formats given? - xz and lz

    Only for convenience, so that people can download the one for which they have appropriate tools available/installed. Remember that most 'linux' libraries are intended for use on other unix-like platforms also (e.g. the BSDs, Solaris, AIX, OSX even). It cannot be assumed that more recent tools like xz are readily available in every platform.

    I need a separate utility package?

    Yes, the error message from tar is telling you that it cannot find the xz command:

    tar: xz: Cannot exec: No such file or directory
    

    You identified correctly the package to install, xz-utils. If you tried to extract the .lz archive, it would comlain that it cannot find lzip instead (and you would install the lzip package).

    There's not much difference, lzip is the older LZMA standard, xz is the newer LZMA2. The label 'beta' is always subjective. In this context I would not worry!

    Why there are signature files?

    So that people can be sure the archive they downloaded was published by the person they expect. It is to guard against the possibility that a hacker could gain access to the site (or a mirror) then add some malicious code to the sources in the archive.

    How to verify it?

    You got that command fine, but what you need to understand is that you have to tell GnuPG which keys you trust. Typically, you would take the public key (usually .asc or .txt) files published by the author(s) and import them to your gpg keyring. On the GnuTLS downloads page:

    All the releases are signed with Nikos' or Simon's OpenPGP key.

    So you could do something like:

    wget -O- http://josefsson.org/key.txt | gpg --import
    wget -O- http://members.hellug.gr/nmav/pgpkeys.asc | gpg --import
    

    Another way is when people publish only their RSA Key ID, which can be imported from commonly known gpg keyservers. For example, you could import my public key like this:

    gpg --recv-key 15C4D63E
    

    For most default gpg configurations, that should obtain the specified key from a public keyserver (probably keys.gnupg.net).

    Afterwards, gpg should report a 'good signature' from either of those authors, but expect it still to show a warning:

    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    

    This just means that there exists no chain of trust (based on the keys you have marked as trusted in your keyring) to say that this is the correct key for the named person. It could be the key of a hacker instead.

    At some point you have to be confident that the key you obtain came from the right person, but exactly what to trust and when is something for each person to research and decide for themselves, based on your own level of paranoia, or current purposes.

    Personally, I do not bother to verify source archives unless I am planning to redistribute something built from them.

    0 讨论(0)
提交回复
热议问题