On Tue, May 23, 2017 at 10:59:32AM +1000, Pete Miller wrote:
> Subsequently, I have run "apt update --allow-insecure-repositories", which Problems are only very sheldomly solved by blindly running random
> worked, but a subsequent "apt-get update --allow-unauthenticated" and similar
> failed to update any packages due to key errors as detailed in the thread.
commands. Most of the time they just "solve" something by poking a hole
somewhere else… and disabling security is the poster child for creating
two new problems with every problem solved this way!
ALL packages you have installed while using such options could be coming
straight from NSA^WNorthkorea^Wsome evildoers using your computer now to
collect intel on you and your neighbors, mine cryptocurrencies or upload
childporn in your name. So the most sensible approach is in fact a clean
reinstall and avoiding harming your system before you ask for help next
time. You would bring a car which makes funky sounds directly to an
engineer, wouldn't you? Instead of taking a hammer and randomly hitting
the car denting metal and breaking glass in the hope that it might
magically work out anyhow if only you hit hard enough…
> Running aptitude with options allowed the outstanding packages to be updated,
> but the key errors persist in apt, synaptic and aptitude, even though the
> correct keys seem to be installed.
Debian comes with all keys to deal with the archive by default and as
Frank has walked you through on debian-user@ they seem to be there just
fine.
(Importing any Release.gpg is btw never going to work. It contains the
signature created with a (private) key, not the (public) key itself. You
just need the (public) key to verify the signature.)
Julian was asking basically for running both:
ls -l /etc/apt/trusted.gpg{,.d}
file /etc/apt/trusted.gpg{,.d/*}
As he thinks it might be a permission/wrong-file-in-there problem, which
is the most likely cause… I would add a "stat /tmp" as I have seen it
a few times by now that people had very strange permissions on /tmp
– all of which usually caused by "fixing" some problem earlier…
It is btw highly unlikely that aptitude allowed an update while the
others didn't (but then you say it didn't anyhow, so who knows) as they
are sharing all the same code and data then it comes to downloading so
we can work on making it "perfect" once from a security standpoint
rather than "so lala"¹ for each individual package manager.
¹ german for "okayish", but with a (stronger) hint of "would not hold
its ground if someone would look closer".
Best regards
David Kalnischkies