Re: Debian derivatives census: errors with SecureApt

To: debian-derivatives <debian-derivatives@lists.debian.org>
Subject: Re: Debian derivatives census: errors with SecureApt
From: Paul Wise <pabs@debian.org>
Date: Wed, 10 Aug 2011 08:36:13 +0200
Message-id: <CAKTje6Fi2Qbutnv6xsqHXU5igrJ9Syt-NtumRzbuP=WiN+e2Cw@mail.gmail.com>
In-reply-to: <20110810071309.687fa34be71a15242e069f4a@debian.org>
References: <1306302776.5302.78.camel@chianamo> <20110810071309.687fa34be71a15242e069f4a@debian.org>

On Wed, Aug 10, 2011 at 8:13 AM, Neil Williams wrote:

> Only because the keyring isn't used by the aptitude test.

That is on purpose, since establishing trust paths to the 38
derivatives in the census is a huge task, let alone the many
derivatives not present in the census.

The script I am currently using was switched to apt-get and ignores
any GPG signatures (see below). I have updated the wiki page about
this issue to mention ignoring GPG signatures.

pabs@chianamo:~/devel/debian/deriv/census (master)$ cat bin/get-package-lists
#!/bin/sh
set -e
apt-get update -q=2 -y \
	-o Dir::Etc::SourceList="$(pwd)/$1" \
	-o Dir::Etc::SourceParts="$(pwd)/$2" \
	-o Dir::State::Lists="$(pwd)/$2" \
	-o Dir::Bin::gpg=fakegpgv \
	-o Debug::NoLocking=1 \
	-o Debug::pkgDPkgPM=1

pabs@chianamo:~/devel/debian/deriv/census (master)$ cat bin/fakegpgv
#!/bin/sh
STATUS=0
while [ -n "$1" ]; do
       if [ $(expr substr "$1" 1 11) = "--status-fd" ]; then
               STATUS=$2
               break
       fi
       shift
done
echo "[GNUPG:] GOODSIG 5A90D141DBAC8DAE" >&${STATUS}
exit 0

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

References:
- Re: Debian derivatives census: errors with SecureApt
  - From: Neil Williams <codehelp@debian.org>

Prev by Date: Re: Debian derivatives census: errors with SecureApt
Next by Date: derivatives front desk status check
Previous by thread: Re: Debian derivatives census: errors with SecureApt
Next by thread: derivatives front desk status check
Index(es):
- Date
- Thread