Quoting Cyril Brulebois (kibi@debian.org):
> Cyril Brulebois <kibi@debian.org> (2017-10-30):
> > I think both issues are connected: if we can't trust the InRelease
> > signature for testing, we can't download packages from this suite in a
> > secure fashion, hence the “E: Some packages could not be authenticated”
> > error?
> >
> > It might be due to new keys for testing in preparation for buster or
> > something like this? ISTR we got updated release keys rather late in the
> > stretch release cycle.
>
> It might be interesting to investigate whether using chdist instead of apt-get
> in l10n/l10n-stats/gen-stats would help.
I didn't go this way. I actually tried to add the relevant keys to
~/apt/trusted.gpg.d but that doesn't help that much :
"apt-get $APT_OPT update " still gives these error messages
I did so by manually getting the keys and exporting them in
/apt/trusted.gpg.d/{jessie|wheezy}.gpg : using apt-key doesn't work as
it insists on being run as root.
The script can work if one adds "--allow-unauthenticated" to APT_OPT
in config/gen-stats.conf. Error messages during "apt-get update" are
still there, but at least testing packages can be downloaded (there
are a few errors for some packages but I suspect that this is because
these are no longer in testing).
I'd rather make this work than using chdist as, as far as I've seen,
that seems to be a quit einvasive change.
--
Attachment:
signature.asc
Description: PGP signature