Hi, Moritz Muehlenhoff <mmuhlenhoff@wikimedia.org> (2019-07-17): > On Fri, Jul 12, 2019 at 09:07:45AM +0000, Cyril Brulebois wrote: > > apt-setup (1:0.151) unstable; urgency=medium > > . > > [ Moritz Mühlenhoff ] > > * When preseeding a local repository via apt-setup/localX/repository, > > the repository key for Secure Apt needs to be configured with > > apt-setup/localX/key. This key used to be set up with apt-key, but > > its use is deprecated and apt's former dependency on gnupg has been > > demoted to a Suggests, rendering apt-key non-functional in d-i. > > Apply a patch by Lars Kollstedt (thanks!) which adds the repository > > key(s) to /etc/apt/trusted.gpg.d, following the approach used by > > pbuilder (Closes: #851774, #928931): > > - .asc suffix if the key file seems to be armoured ASCII (i.e. it > > contains a “-----BEGIN PGP PUBLIC KEY BLOCK-----” line); > > - .gpg suffix otherwise. Please note that only “GPG key public ring” > > are supported by APT, newer “keybox database” format isn't at the > > moment. > > Hi Cyril, > as discussed on #debian-boot last week: I've tested a Buster installation with > "d-i mirror/udeb/suite string unstable" and our previous > "d-i base-installer/includes string gnupg" workaround dropped which uses > the https://apt.wikimedia.org repository and that worked fine. Many thanks, I'll be submitting a buster-pu bug accordingly. I wouldn't mind an extra confirmation after it's been published in a point release (peace of mind and all that). > I've also submitted a patch to installation-guide to enhance the docs > so that the constraints for the Secure Apt key file are explicitly > mentioned (#932284) Much appreciated, thanks. Cheers, -- Cyril Brulebois (kibi@debian.org) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
Attachment:
signature.asc
Description: PGP signature