[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#633356: live-build: use LB_APT_SECURE too when bootstrapping system

Package: live-build
Version: 3.0~a23-1
Severity: normal
Tags: patch

Due to a recent change in debootstrap (#560038), it now validates archives' signatures by default.
This is a problem if we are installing (for example) from a local mirror which hasn't the Release.gpg file.

The --no-check-gpg option has been added to override this (#624229).

I made a small patch to use that option if LB_APT_SECURE is false.


-- Package-specific info:

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages live-build depends on:
ii  cdebootstrap                  0.5.7      Bootstrap a Debian system
ii  debootstrap                   1.0.32     Bootstrap a basic Debian system

Versions of packages live-build recommends:
ii  cpio                          2.11-7     GNU cpio -- a program to manage ar
ii  gettext-base         GNU Internationalization utilities
pn  gnu-fdisk                     <none>     (no description available)

Versions of packages live-build suggests:
ii  dosfstools                 3.0.9-1       utilities for making and checking 
ii  fakeroot                   1.16-1        tool for simulating superuser priv
ii  genisoimage                9:1.1.11-1    Creates ISO-9660 CD-ROM filesystem
ii  grub                       0.97-65       GRand Unified Bootloader (dummy pa
pn  memtest86+ | memtest86     <none>        (no description available)
ii  mtools                     4.0.12-1      Tools for manipulating MSDOS files
ii  parted                     2.3-6         disk partition manipulator
ii  squashfs-tools             1:4.2-3       Tool to create and append to squas
ii  sudo                       1.7.4p6-1     Provide limited super user privile
ii  syslinux                   2:4.04+dfsg-2 collection of boot loaders
ii  uuid-runtime               2.19.1-2      runtime components for the Univers
ii  win32-loader               0.7.3         Debian-Installer loader for win32

-- no debconf information

*** /home/g7/semplice/emily/unstable_fixes/live-build/live-build-3.0~a23/debian/patches/aptsecure_debootstrap.diff
--- a/scripts/build/lb_bootstrap_debootstrap
+++ b/scripts/build/lb_bootstrap_debootstrap
@@ -103,6 +103,13 @@
+# If LB_APT_SECURE is false, do not check signatures of the Release file
+# WARNING: debootstrap 1.0.30 or later required!
+if [ "${LB_APT_SECURE}" = "false" ]
 if [ -x "/usr/sbin/debootstrap" ]
 	if [ "${LB_CACHE_PACKAGES}" = "true" ]

Reply to: