Re: self signed repository

To: Roger Leigh <rleigh@codelibre.net>, debian-user@lists.debian.org
Subject: Re: self signed repository
From: Anton Gorlov <stalker@locum.ru>
Date: Thu, 05 Jul 2012 16:24:12 +0400
Message-id: <[🔎] 4FF5876C.8090903@locum.ru>
In-reply-to: <[🔎] 20120705084619.GR4080@codelibre.net>
References: <[🔎] 4FF54BC8.9000207@locum.ru> <[🔎] 20120705084619.GR4080@codelibre.net>

05.07.2012 12:46, Roger Leigh пишет:

You also need the Release file in the apt repository signing.
apt-get doesn't get check per-package signatures?  Individual
packages aren't signed by default; just the archive as a whole
via the Release/InRelease files.

Hmm.
Ok. I try generate it file and sign it

#!/bin/bash
base='/opt/work/myrepo/dists/squeeze/main'

cd $base
apt-ftparchive release . \
-o APT::FTPArchive::Release::Origin="stalker@locum.ru" \
-o APT::FTPArchive::Release::Codename="squeeze" > $base/Release

and sign it by run
gpg -abs -o Release.gpg Release

but
apt-get update
Ign file: squeeze Release.gpg
Ign file:/opt/work/myrepo/ squeeze/main Translation-en
Ign file:/opt/work/myrepo/ squeeze/main Translation-en_US
Ign file: squeeze Release
Ign file: squeeze/main amd64 Packages
Ign file: squeeze/main amd64 Packages
Reading package lists... Done

What I doing wrong?

Reply to:

Follow-Ups:
- Re: self signed repository
  - From: Roger Leigh <rleigh@codelibre.net>

References:
- self signed repository
  - From: "stalker@locum.ru" <stalker@locum.ru>
- Re: self signed repository
  - From: Roger Leigh <rleigh@codelibre.net>

Prev by Date: Re: Alternative(s) to VirtualBox
Next by Date: Re: firewall
Previous by thread: Re: self signed repository
Next by thread: Re: self signed repository
Index(es):
- Date
- Thread