Re: debian-archive-keyring installing ubuntu keys?
On 2014-03-26 8:39, Daniel Pocock wrote:
I have a project that is building in the travis-ci.org environment
(based on Ubuntu)
Unpacking debian-archive-keyring (from
Setting up debian-archive-keyring (2010.08.28) ...
That package is older than the version in squeeze (i.e. oldstable).
However, even fetching the package from Ubuntu trivially shows that it
does not contain any non-Debian keys:
$ mkdir debtmp
$ dpkg-deb -x debian-archive-keyring_2010.08.28_all.deb debtmp
$ gpg --no-default-keyring --keyring
pub 1024D/F42584E6 2008-04-06 [expired: 2012-05-15]
uid Lenny Stable Release Key
pub 4096R/55BE302B 2009-01-27 [expired: 2012-12-31]
uid Debian Archive Automatic Signing Key (5.0/lenny)
pub 2048R/6D849617 2009-01-24 [expired: 2013-01-23]
uid Debian-Volatile Archive Automatic Signing Key
pub 4096R/B98321F9 2010-08-07 [expires: 2017-08-05]
uid Squeeze Stable Release Key
pub 4096R/473041FA 2010-08-27 [expires: 2018-03-05]
uid Debian Archive Automatic Signing Key (6.0/squeeze)
<firstname.lastname@example.org>" not changed
gpg: key FBB75451: "Ubuntu CD Image Automatic Signing Key
<email@example.com>" not changed
gpg: Total number processed: 2
gpg: unchanged: 2
This suggests that you've got ubuntu-keyring installed in the
You'll notice that the messages all say "not changed". There are no new
keys being added at this point. What's happening is this:
if which apt-key > /dev/null; then
[from debian-archive-keyring's postinst]
Is this simply because I'm trying to use packages from sid? Or is this
"debian-archive-keyring" package at fault?
As far as I can tell, neither of these is the case. If you don't want
your environment to contain Ubuntu keys, don't install ubuntu-keyring in
I can't see how to easily tell from your setup exactly what's installed
in the environment before your job started, or I'd supply a link.
My understanding is that
because the package has debian in the name, it will give me Debian