Package: debian-installer Severity: important Hi there! I'm not sure if this is still a bug, since it happened with an etch 4.0r4 i386 business-card image, but I don't know how to reproduce it, so I reported it anyway. Feel free to close it :-) I was trying to reproduce bug #482140 under QEMU [1] and thus I installed etch. However, at the "Select and Install Software" step, the installation seemd to be frozen. I waited for a while, thinking that QEMU is particularly slow, then I decided to check syslog and found the cause: ===== Oct 7 08:32:34 main-menu[1041]: INFO: Menu item 'apt-setup-udeb' selected [...] Oct 7 08:33:49 apt-setup: Get:1 http://security.debian.org etch/updates Release.gpg [189B] Oct 7 08:33:49 apt-setup: Get:2 http://security.debian.org etch/updates Release [37.6kB] Oct 7 08:33:49 apt-setup: Ign http://security.debian.org etch/updates Release Oct 7 08:33:49 apt-setup: Get:3 http://security.debian.org etch/updates/main Packages [373kB] Oct 7 08:33:52 apt-setup: Fetched 411kB in 3s (130kB/s) Oct 7 08:33:52 apt-setup: Reading package lists... Oct 7 08:33:53 apt-setup: Oct 7 08:33:53 apt-setup: W: Oct 7 08:33:53 apt-setup: GPG error: http://security.debian.org etch/updates Release: \ The following signatures were invalid: BADSIG A70DAF536070D3A1 Debian Archive Automatic \ Signing Key (4.0/etch) <ftpmaster@debian.org> Oct 7 08:33:53 apt-setup: Oct 7 08:33:53 apt-setup: W: Oct 7 08:33:53 apt-setup: You may want to run apt-get update to correct these problems Oct 7 08:33:53 apt-setup: Oct 7 08:33:54 apt-setup: Get:1 http://security.debian.org etch/updates Release.gpg [189B] [...] Oct 7 09:23:44 in-target: Need to get 482MB of archives. After unpacking 1450MB will be used. Oct 7 09:23:44 in-target: WARNING: untrusted versions of the following packages will be installed! [...] Oct 7 09:23:44 in-target: Do you want to ignore this warning and proceed anyway? Oct 7 09:23:44 in-target: To continue, enter "Yes"; to abort, enter "No": ===== I don't know why the security etch/updates signature was invalid, but in this case the user should be notified in some way. Thx, bye, Gismo / Luca Footnotes: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482140#222 -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
Attachment:
pgpz0mlHHIK79.pgp
Description: PGP signature