
Re: mini-dinstall, repository signing and apt-get authentication

Jeremy Stanley wrote:
> On Tue, Jul 25, 2006 at 02:33:04PM +0100, Neil Williams wrote:
> [...]
>> I've generated a gpg key to sign the Release files and I'm using
>> mini-dinstall on the server. It appears to be working, Release and
>> Release.gpg are created and gpg can verify that the signature is good.
> [...]
>> Yet apt-get update doesn't seem to locate Release.gpg correctly:
>> Ign http://www.linux.codehelp.co.uk packages/unstable/all/ Release.gpg
> [...]
> Looks like it's trying to retrieve:
>    http://www.linux.codehelp.co.uk/packages/unstable/all/Release.gpg
> ...when you instead provide:
>    http://www.linux.codehelp.co.uk/packages/unstable/Release.gpg

Yes, I realise that. The problem is why it's not being generated when
Packages and Sources *are* being generated. It's not as simple as moving
a file around.

> I just use a dirty shell script with apt-ftparchive 

I used to use that but it's hard to get it to auto-update with uploads
by dput. That's where mini-dinstall comes in.

> to generate a
> little mini-repository of my projects like so:
> #!/bin/sh
> cd debian
> apt-ftparchive release . > Release
> gpg --armor --default-key="Jeremy Stanley <fungi@yuggoth.org>" \
>  --detach-sign --output Release.gpg Release
> This has been working fine for me with apt-get/apt-key so far.

That's what I used to use but this method can't be used with
mini-dinstall. It looks like your repository is a single subdirectory
whereas mine uses multiple subdirectories for the multiple
architectures. Each one, apparently, needs a customised Release file.

My question is why mini-dinstall doesn't seem to be configured properly
to do this part of the update.


Neil Williams

Attachment: signature.asc
Description: OpenPGP digital signature
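The mismatch discussed in this thread (apt requesting Release.gpg from the same directory as the index it is fetching, while the signed Release sits one level up) can be checked for on the server side. The following is an added example, not part of the original messages or of mini-dinstall; the function name, the status labels and the assumed layout ROOT/<dist>/<arch>/ are illustrative assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed layout (hypothetical):
#   ROOT/<dist>/<arch>/Packages[.gz|.bz2]  or  Sources[.gz|.bz2]
# apt asks for Release and Release.gpg in the same directory as the
# index, so every directory holding an index is audited on its own.

audit_release_sigs() {
    root=$1
    # Collect each directory that contains a Packages or Sources index.
    find "$root" -type f \( -name 'Packages*' -o -name 'Sources*' \) |
    while IFS= read -r idx; do dirname "$idx"; done | sort -u |
    while IFS= read -r dir; do
        if [ ! -s "$dir/Release" ]; then
            # Index published without any Release file beside it.
            echo "MISSING-RELEASE $dir"
        elif [ ! -s "$dir/Release.gpg" ]; then
            # Release exists but has no detached signature beside it.
            echo "UNSIGNED $dir"
        elif [ "$dir/Release" -nt "$dir/Release.gpg" ]; then
            # Release was regenerated after signing; signature is outdated.
            echo "STALE-SIG $dir"
        else
            echo "OK $dir"
        fi
    done
}

# Stand-alone use: sh audit.sh /path/to/archive/root
if [ $# -gt 0 ]; then
    audit_release_sigs "$1"
fi
```

Any line other than OK names a directory for which apt would ignore or fail the signature check; the script only checks presence and freshness, so `gpg --verify Release.gpg Release` is still needed to confirm the signature itself.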
