Re: mini-dinstall, repository signing and apt-get authentication

To: Neil Williams <codehelp@debian.org>
Cc: debian-mentors@lists.debian.org
Subject: Re: mini-dinstall, repository signing and apt-get authentication
From: Ian Zimmerman <itz@madbat.mine.nu>
Date: 31 Jul 2007 11:14:45 -0400
Message-id: <[🔎] 8764408v16.fsf@unicorn.ahiker.homeip.net>
In-reply-to: <[🔎] 20070731154327.b286ebcf.codehelp@debian.org>
References: <44CA6FEC.5060004@codehelp.co.uk> <[🔎] 87abtc8ysz.fsf@unicorn.ahiker.homeip.net> <[🔎] 20070731154327.b286ebcf.codehelp@debian.org>

Ian> And this is my main question: have you figured out what causes this error?

Neil> Yes - the error is caused by not using reprepro.
Neil> :-)

I am afraid from my POV this is not particularly funny.  The
documentation (i.e. the apt manual and the secure apt wiki) doesn't
mention reprepro (or mini-dinstall), I was trying to do this the
documented way (well, except having a flat directory), and it didn't
work.  I don't feel "just use whiz-bang tool foo" is the correct answer
in such a situation, or at least it is not the complete answer.  That
would include at least acknowledging that the documentation is wrong.

Ian> Let me describe my situation: I have a flat (single directory) archive
Ian> of personal debs.  I see absolutely no point in maintaining "code names"
Ian> and "suites" and what not. 

Neil> reprepro doesn't force these on you but it does not stop you adding
Neil> them later either.

OK, I'll take a look at reprepro.

Ian> I generate the Packages.gz file by
Ian> 
Ian> cd /var/local/debian && apt-ftparchive packages ./ | gzip - >
Ian> Packages.gz

Neil> Yuk. There should be no need to do this.
 
Ian> and the Release file by
Ian> 
Ian> cd /var/local/debian && apt-ftparchive release ./ > /tmp/Release &&
Ian> mv /tmp/Release .

Neil> Nor that.
 
This is all straight from the wiki.

Ian> All this works flawlessly until I introduce signing.  As soon as I
Ian> add a Release.gpg file (generated by cd /var/local/debian && gpg
Ian> -abs -o Release.gpg Release) apt-get starts giving me the above
Ian> error message.  Now the wording made me think that perhaps perhaps
Ian> I should NOT compress the Packages file, so I tried to omit the
Ian> gzip step above.  But then apt-get complains it cannot retrieve
Ian> Packages file!

Neil> No. The error is because mini-dinstall doesn't support what you want.

Huh?  I didn't use mini-dinstall at all.  I was generating the metadata
manually, in the documented format.

Neil> No. IMHO mini-dinstall is the quick hack which isn't capable of
Neil> supporting advanced features like SecureApt.

Again, I didn't use mini-dinstall - I generated the Secure Apt files
as documented.

-- 
This line is completely ham.

Reply to:

Follow-Ups:
- Re: repository signing and apt-get authentication
  - From: Neil Williams <codehelp@debian.org>
- Re: mini-dinstall, repository signing and apt-get authentication
  - From: Ian Zimmerman <itz@madbat.mine.nu>

References:
- Re: mini-dinstall, repository signing and apt-get authentication
  - From: Ian Zimmerman <itz@madbat.mine.nu>
- Re: mini-dinstall, repository signing and apt-get authentication
  - From: Neil Williams <codehelp@debian.org>

Prev by Date: [help] Merging tag and trunk in a SVN repository.
Next by Date: Re: repository signing and apt-get authentication
Previous by thread: Re: mini-dinstall, repository signing and apt-get authentication
Next by thread: Re: repository signing and apt-get authentication
Index(es):
- Date
- Thread