Portal:Deepin/Installation

由于打包策略违规以及围绕 D-Bus 实现的各种安全问题，Deepin 桌面已被从 openSUSE Tumbleweed 和部分 Leap 15.6 中移除。关于安全问题和移除原因的详细分析可以在 官方 SUSE 安全团队博客 中找到。

警告： 鉴于 Deepin 的安全记录以及前一节中表达的担忧，我们目前不建议使用 Deepin 桌面。如果您仍然希望在 openSUSE Tumbleweed 上安装（或继续使用）Deepin 桌面，尽管存在安全隐患，您可以按照以下步骤将 Deepin 开发项目仓库添加到您的系统中。

警告： 请注意，通过执行此操作，您将信任来自此开发项目的任何软件包，这些软件包既未经过 SUSE 安全团队的审查，也未经过 openSUSE 软件包提交审查团队的审查。

对于 openSUSE Leap，您需要调整仓库 URL 以指向适用于您系统的正确的 Leap 仓库。

# add the devel project repository for Deepin to zypper
# for other distributions you need to adjust the URL here to point to the proper repository for your case
root# zypper ar https://download.opensuse.org/repositories/X11:/Deepin:/Factory/openSUSE_Tumbleweed deepin-factory
# refresh zypper repositories
root# zypper ref
New repository or package signing key received:

  Repository:       deepin-factory
  Key Fingerprint:  EED7 FE07 D0FC DEF0 E5B4 D4A9 C0DA 4428 1599 EA1E
  Key Name:         X11:Deepin:Factory OBS Project <X11:Deepin:Factory@build.opensuse.org>
  Key Algorithm:    RSA 2048
  Key Created:      Sat Apr 29 01:27:01 2023
  Key Expires:      Mon Jul  7 01:27:01 2025
  Rpm Name:         gpg-pubkey-1599ea1e-644c5645

    Note: Signing data enables the recipient to verify that no modifications occurred after the data
    were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
    and in extreme cases even to a system compromise.
 
    Note: A GPG pubkey is clearly identified by its fingerprint. Do not rely on the key\'s name. If
    you are not sure whether the presented key is authentic, ask the repository provider or check
    their web site. Many providers maintain a web page showing the fingerprints of the GPG keys they
    are using.

Do you want to reject the key, trust temporarily, or trust always? [r/t/a/?] (r):

该项目的当前 GPG 密钥指纹是 EED7 FE07 D0FC DEF0 E5B4 D4A9 C0DA 4428 1599 EA1E。您可以自行通过 下载公钥，通过 gpg --import 导入它，并检查新导入密钥的 gpg --fingerprint 输出进行验证。