Bug#610753: debootstrap: use apt trusted keys with --keyring by default

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#610753: debootstrap: use apt trusted keys with --keyring by default
From: david b <db.pub.mail@gmail.com>
Date: Sat, 22 Jan 2011 11:57:05 +1100
Message-id: <[🔎] 20110122005705.31421.66347.reportbug@linode.d1b.org>
Reply-to: david b <db.pub.mail@gmail.com>, 610753@bugs.debian.org

Package: debootstrap
Severity: wishlist

When building a debian vm, using live-magic etc. it is common to use debootstrap.
When the --keyring argument is omitted, as per the man page, "Release file signatures are not checked."
IMHO this behaviour differs from the 'normal' use of secure apt (by default) [0]. 
The --keyring option exists it should be 'on by default'. I suggest the use of /etc/apt/trustdb.gpg 
for the keyring argument (If none is specified).  


[0] - http://wiki.debian.org/SecureApt
-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Reply to:

Follow-Ups:
- Bug#610753: debootstrap: use apt trusted keys with --keyring by default
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Bug#610752: Make the link detection timeout preseedable
Next by Date: Debian installer build: failed or old builds
Previous by thread: Re: Putting the manual in git post-squeeze? [was: Bug#610752: Make the link detection timeout preseedable]
Next by thread: Bug#610753: debootstrap: use apt trusted keys with --keyring by default
Index(es):
- Date
- Thread