[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debian-installer: cdrom vs. netboot

...and that's what the testing process is for... :)

On 1/27/2016 12:35 PM, John Paul Adrian Glaubitz wrote:
> On 01/27/2016 05:31 PM, rod wrote:
>> On 1/25/2016 12:45 PM, John Paul Adrian Glaubitz wrote:
>>> On 01/25/2016 07:05 PM, rod wrote:
>>>> root@cerberus:/var/log/installer# apt-get update
>>>> Hit:1 http://ftp.debian-ports.org/debian sid InRelease
>>>> Reading package lists... Done
>>>> W: There is no public key available for the following key IDs:
>>>> A53AB45AC448326E
>>>
>>> Is the debian-ports-archive-keyring package installed?
>>
>> Yes it is installed.
> 
> The package probably just contains the key for 2016. I didn't check it.
> The key that apt is complaining about is the 2015 key which is due to
> expire (or has expired).
> 
>>> If that doesn't help (it should), you can add the signing key manually:
>>>
>>> $ gpg --keyserver pgp.mit.edu --recv-keys C448326E ; gpg --armor
>>> --export C448326E |apt-key add - && apt-get update
>>
>> I'm still getting the error: W: There is no public key available for the
>> following key IDs: A53AB45AC448326E
>>
>> until I manually entered the following (your commands broken out
>> individually from above):
>>
>> root@cerberus:/# gpg --keyserver pgp.mit.edu --recv-keys C448326E
>> gpg: requesting key C448326E from hkp server pgp.mit.edu
>> gpg: key C448326E: "Debian Ports Archive Automatic Signing Key (2015)
>> <ftpmaster@debian-ports.org>" not changed
>> gpg: Total number processed: 1
>> gpg:              unchanged: 1
>> root@cerberus:/# gpg --armor --export C448326E | apt-key add
>> OK
>> root@cerberus:/# apt-get update
>> Hit:1 http://ftp.debian-ports.org/debian sid InRelease
>> Reading package lists... Done
>> root@cerberus:/#
> 
> Yeah, in case the keyring package doesn't contain the old key anymore,
> you have to import the key manually which is what the above command
> does. The keyring package is merely for convenience purposes.
> 
>> I dropped the "-" from after the apt-key add. I don't know if this makes
>> any real difference but it seems to work now.
> 
> The "-" tells apt-key (or any other command I know of) to take it's
> input from a pipe. Probably apt-key is designed in a way that it
> just defaults to taking input from pipe when there is no filename
> provided.
> 
>> Q: is this something which needs changing in the .iso creation so that
>> the software selection function of the installation works? (I don't know
>> much about the creation process of the .iso so I'm asking.)
> 
> We will probably just have to update the signing key shipped in the
> ISO. You were just really unlucky to perform your installation when
> the Debian ports keyring changed. Really nothing to worry about.
> 
> Adrian
>
Reply to: