Bug#633356: live-build: use LB_APT_SECURE too when bootstrapping system

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#633356: live-build: use LB_APT_SECURE too when bootstrapping system
From: Eugenio 'g7' Paolantonio <me@medesimo.eu>
Date: Sat, 09 Jul 2011 17:52:31 +0200
Message-id: <[🔎] 20110709155231.1376.8517.reportbug@localhost>
Reply-to: Eugenio 'g7' Paolantonio <me@medesimo.eu>, 633356@bugs.debian.org

Package: live-build
Version: 3.0~a23-1
Severity: normal
Tags: patch

Due to a recent change in debootstrap (#560038), it now validates archives' signatures by default.
This is a problem if we are installing (for example) from a local mirror which hasn't the Release.gpg file.

The --no-check-gpg option has been added to override this (#624229).

I made a small patch to use that option if LB_APT_SECURE is false.

Ciao,
Eugenio

-- Package-specific info:

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.39.1-ck1-g7 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages live-build depends on:
ii  cdebootstrap                  0.5.7      Bootstrap a Debian system
ii  debootstrap                   1.0.32     Bootstrap a basic Debian system

Versions of packages live-build recommends:
ii  cpio                          2.11-7     GNU cpio -- a program to manage ar
ii  gettext-base                  0.18.1.1-3 GNU Internationalization utilities
pn  gnu-fdisk                     <none>     (no description available)

Versions of packages live-build suggests:
ii  dosfstools                 3.0.9-1       utilities for making and checking 
ii  fakeroot                   1.16-1        tool for simulating superuser priv
ii  genisoimage                9:1.1.11-1    Creates ISO-9660 CD-ROM filesystem
ii  grub                       0.97-65       GRand Unified Bootloader (dummy pa
pn  memtest86+ | memtest86     <none>        (no description available)
ii  mtools                     4.0.12-1      Tools for manipulating MSDOS files
ii  parted                     2.3-6         disk partition manipulator
ii  squashfs-tools             1:4.2-3       Tool to create and append to squas
ii  sudo                       1.7.4p6-1     Provide limited super user privile
ii  syslinux                   2:4.04+dfsg-2 collection of boot loaders
ii  uuid-runtime               2.19.1-2      runtime components for the Univers
ii  win32-loader               0.7.3         Debian-Installer loader for win32

-- no debconf information

*** /home/g7/semplice/emily/unstable_fixes/live-build/live-build-3.0~a23/debian/patches/aptsecure_debootstrap.diff
--- a/scripts/build/lb_bootstrap_debootstrap
+++ b/scripts/build/lb_bootstrap_debootstrap
@@ -103,6 +103,13 @@
 	DEBOOTSTRAP_OPTIONS="${DEBOOTSTRAP_OPTIONS} --verbose"
 fi
 
+# If LB_APT_SECURE is false, do not check signatures of the Release file
+# WARNING: debootstrap 1.0.30 or later required!
+if [ "${LB_APT_SECURE}" = "false" ]
+then
+	DEBOOTSTRAP_OPTIONS="${DEBOOTSTRAP_OPTIONS} --no-check-gpg"
+fi
+
 if [ -x "/usr/sbin/debootstrap" ]
 then
 	if [ "${LB_CACHE_PACKAGES}" = "true" ]

Reply to:

Prev by Date: Need Support For Hardware & Live Usb Issue + Bugs version 0.1
Next by Date: Re: aufs status in Linux
Previous by thread: Need Support For Hardware & Live Usb Issue + Bugs version 0.1
Next by thread: Re: aufs status in Linux
Index(es):
- Date
- Thread