Frans Pop wrote: > On Wednesday 24 August 2005 03:52, Joey Hess wrote: > > This is the same thing as I implemeted earlier this summer with > > apt-ftparchive, and it will not work with secure apt as it requires a > > signed Release file to also be generated, which needs a gpg key to be > > set up and so on. > > Hmmm. The way I've done it _no_ release file is generated and I've seen no > warnings from apt (I've tested in unstable). > apt just says "ignoring Release"... Aha. So it only requires sigs if the release exists, that's an interesting loophole (wonder if it works for http). Ok, well your patch looked ok otherwise, except I see one problem, since the Packages file is only removed in the clean target, which is not always run between builds, it will not always be up-to-date. In my apt-ftparchive patch I instead recreated the Packages file each time get-packages was run. -- see shy jo
Attachment:
signature.asc
Description: Digital signature