Bug#775454: Allow user blocking of https fallback

To: 775454@bugs.debian.org
Subject: Bug#775454: Allow user blocking of https fallback
From: jnqnfe <jnqnfe@gmail.com>
Date: Fri, 16 Jan 2015 05:36:45 +0000
Message-id: <[🔎] 54B8A36D.8060909@gmail.com>
Reply-to: jnqnfe <jnqnfe@gmail.com>, 775454@bugs.debian.org

Additional patch attached to update the manpages with regard to the new
param introduced in the previously supplied patch.

I believe I may have misread the code slightly when composing the
initial bug report. I believe now that the matter only arises when the
dist script tries to set the keyring file to be used, which only has an
effect if the user has not explicitly specified via a parameter a file
to use, and then only if the default does not exist. I still stand by my
patch being worth implementing though.

commit 8a6f178930c79b6b5beb505dfb811908b606c16c
Author: jnqnfe <jnqnfe@gmail.com>
Date:   Fri Jan 16 05:06:21 2015 +0000

    Update manpage with new --no-https-fallback parameter

diff --git a/debootstrap.8 b/debootstrap.8
index 3aa446d..e8f1c19 100644
--- a/debootstrap.8
+++ b/debootstrap.8
@@ -93,6 +93,9 @@ to check signatures of retrieved Release files.
 .IP "\fB\-\-no-check-gpg\fP"
 Disables checking gpg signatures of retrieved Release files.
 .IP
+.IP "\fB\-\-no\-https\-fallback\fP"
+In the event of not having a GPG keyring to use for Release verification, this disables falling back to relying on https CA level security, and results in an error being issued instead.
+.IP
 .IP "\fB\-\-verbose\fP"
 Produce more info about downloading.
 .IP

Reply to:

Prev by Date: Bug#775449: Provide sha size param instead of using environmental variable
Next by Date: Bug#775474: Issue helpful error if user specified keyring not found
Previous by thread: Bug#775454: Allow user blocking of https fallback
Next by thread: Bug#775474: Issue helpful error if user specified keyring not found
Index(es):
- Date
- Thread