Bug#733179: debootstrap should abort if the keyring is missing, not just warn

To: Sven Ulland <sveniu@opera.com>, 733179@bugs.debian.org
Cc: Eduard - Gabriel Munteanu <edgmnt@gmail.com>
Subject: Bug#733179: debootstrap should abort if the keyring is missing, not just warn
From: Cyril Brulebois <kibi@debian.org>
Date: Fri, 15 May 2015 04:53:53 +0200
Message-id: <[🔎] 20150515025353.GB9513@mraw.org>
Reply-to: Cyril Brulebois <kibi@debian.org>, 733179@bugs.debian.org
In-reply-to: <52F0C404.5030204@opera.com>
References: <52F0C404.5030204@opera.com>

Sven Ulland <sveniu@opera.com> (2014-02-04):
> Having an option to require a trust path would be good. It can be off
> by default to avoid compatibility issues and creeping security lax.
> 
> As it stands, there is no convenient way to require signature
> verification with debootstrap itself, so I'm currently working around
> it with an additional script before running debootstrap.

I've pushed two patches to that effect, feel free to give them a shot
and tell me whether that does the trick:
  https://anonscm.debian.org/cgit/d-i/debootstrap.git/commit/?id=be99f7b
  https://anonscm.debian.org/cgit/d-i/debootstrap.git/commit/?id=f961ecc

Mraw,
KiBi.

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Bug#661501: debootstrap: Missing keyring file should abort with error
Next by Date: Bug#775454: Allow user blocking of https fallback
Previous by thread: Processed: Re: Bug#661501: debootstrap: Missing keyring file should abort with error
Next by thread: Bug#775454: Allow user blocking of https fallback
Index(es):
- Date
- Thread