Re: census: apt sources.list snippets
On Sun, May 29, 2011 at 06:44, Paul Wise <pabs@debian.org> wrote:
> I've written some scripts to download the census wiki pages, extract
> the sources.list snippets from them and run aptitude update against
> them.
I am completely biased, but as at least a few derivatives doesn't have
aptitude in the default installation the script should use 'apt-get update'
to lower the dependencies in case i would want to run it 'at home'.
> Some of the deb-src lines had [arch=i386] in them. I guess
> sources.list files are not well understood in the area of source
> packages, or something.
(As a side note, i am fascinated what lines are created and used
just because the damn parser doesn't complain…)
> The scripts do not handle GPG stuff, which means that the end of the
> script gives GPG errors when it completes. Does anyone know how to
> disable signature checking?
>
> W: GPG error: http://aptosid.com sid InRelease: The following
> signatures couldn't be verified because the public key is not
> available: NO_PUBKEY 9FFAACBAE3BD538B
Currently you can't easily - beside installing the keyrings.
The warnings are harmless through, at install time apt will ask
for confirmation for these packages or you give --allow-unauthenticated
But if you really want to silence APT at this stage you can do this:
echo '#!/bin/sh
STATUS=0
while [ -n "$1" ]; do
if [ $(expr substr "$1" 1 11) = "--status-fd" ]; then
STATUS=$2
break
fi
shift
done
echo "[GNUPG:] GOODSIG 5A90D141DBAC8DAE" >&${STATUS}
exit 0' > gpgv.sh
chmod +x gpgv.sh
apt-get update -o Dir::Bin::gpg=./gpgv.sh
This way every Release file is "magically" signed with a good signature -
at least that is what APT gets to know from our faked gpgv - and all
NO_PUBKEY warnings are gone.
Best regards
David Kalnischkies
P.S.: The "signature" key is the one used in APTs testcases so don't
worry that a real person could get offended by using this key for this trick.
Reply to: