Bug#703431: Annoying GPG error message
Hi,
On Fri, 19 Apr 2013, Robert Spencer wrote:
> >This still requires that the keyring be installed on the system whereas
> >we're already extracting it from the binary package in debian-cd.
>
> I'm sorry, I didn't misunderstand you. I made a bad assumption.
>
> I hope the attached patch file is satisfactory.
Yes, it's mostly OK. I committed it.
> +# Keyring (defaults):
> +#ARCHIVE_KEYRING_PACKAGE=debian-archive-keyring
> +# The path to the keyring file relative to $TDIR/archive-keyring/
> +#ARCHIVE_KEYRING_FILE=usr/share/keyrings/debian-archive-keyring.gpg
> +
> # By default we use debootstrap --no-check-gpg to find out the minimal set
> # of packages because there's no reason to not trust the local mirror. But
> # you can be paranoid and then you need to indicate the keyring to use to
> # validate the mirror.
> -#export DEBOOTSTRAP_OPTS="--keyring /usr/share/keyrings/debian-archive-keyring.gpg"
> +#export DEBOOTSTRAP_OPTS="--keyring $TDIR/archive-keyring/$ARCHIVE_KEYRING_FILE"
This hardcodes TDIR and ARCHIVE_KEYRING_FILE in a second parameter and
makes it impossible to do stuff like this (assuming that you have
uncommented DEBOOTSTRAP_OPTS):
$ . CONF.sh
$ export TDIR=/tmp/debian-cd
But I guess it's not a big deal. At least it documents the value that
you're expected to set if you want to use it.
Thanks again!
--
Raphaël Hertzog ◈ Debian Developer
Get the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/
Reply to: