On Thu, 2018-12-20 at 16:51 +0100, Ansgar Burchardt wrote: > Control: reassign -1 src:linux 4.19.9-1 > > On Thu, 20 Dec 2018 16:26:55 +0100 Vincent Lefevre wrote: > > After an upgrade of linux-image-amd64, which now depends on > > linux-image-4.19.0-1-amd64, on one machine I got: > > > > linux-image-4.19.0-1-amd64 4.19.9-1 > > > > but on another machine I got: > > > > linux-image-4.19.0-1-amd64-unsigned 4.19.9-1 > > The issue is that linux-image-4.19.0-1-amd64-unsigned has > Provides: linux-image-4.19.0-1-amd64 > > So if linux-image-amd64 starts depending on linux-image-4.19.0-1-amd64 > before the signed version is present, apt will install the unsigned > version. This doesn't look like a bug in apt to me. > > The easiest way to avoid this would be to drop the Provides from the > unsigned image. Is there any downside for doing so? I was under the impression that packages built by module-assistant generally depended on the corresponding kernel package. Either this changed at some point or I misremembered. Since the signing service seems to be reliable I don't see any good reason to actually use the unsigned packages, so I think the Provides could safely be removed. Ben. -- Ben Hutchings It is impossible to make anything foolproof because fools are so ingenious.
Attachment:
signature.asc
Description: This is a digitally signed message part