[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#610753: debootstrap: use apt trusted keys with --keyring by default

Package: debootstrap
Severity: wishlist

When building a debian vm, using live-magic etc. it is common to use debootstrap.
When the --keyring argument is omitted, as per the man page, "Release file signatures are not checked."
IMHO this behaviour differs from the 'normal' use of secure apt (by default) [0]. 
The --keyring option exists it should be 'on by default'. I suggest the use of /etc/apt/trustdb.gpg 
for the keyring argument (If none is specified).  

[0] - http://wiki.debian.org/SecureApt
-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Reply to: