On Sun, 29 May 2011 16:16:32 +0800 Paul Wise <pabs@debian.org> wrote: > On Sun, May 29, 2011 at 2:59 PM, David Kalnischkies wrote: > > > Currently you can't easily - beside installing the keyrings. > > The warnings are harmless through, at install time apt will ask > > for confirmation for these packages or you give > > --allow-unauthenticated > > > > But if you really want to silence APT at this stage you can do this: > ... > > This way every Release file is "magically" signed with a good > > signature - at least that is what APT gets to know from our faked > > gpgv - and all NO_PUBKEY warnings are gone. > ... > > P.S.: The "signature" key is the one used in APTs testcases so don't > > worry that a real person could get offended by using this key for > > this trick. > > Thanks, worked a treat. > > It would be great to have trust paths from Debian to our derivatives, > but I don't see that happening any time soon so silencing apt is nice > for now. What sort of trust path? How would you propose we create one? I suppose we could get all the derivatives keys added to a package in debian, sounds complex though. thanks, kk -- Karl Goetz, (Kamping_Kaiser / VK5FOSS) Debian contributor / gNewSense Maintainer http://www.kgoetz.id.au No, I won't join your social networking group
Attachment:
signature.asc
Description: PGP signature