[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trying to piece together a procedure that works : debootstrap and gpg keys?

On Mon, 2025-09-22 at 22:30 -0400, Dennis Clarke wrote:
> Well yes the keyring exists :
> 
> nix# apt-get install debian-ports-archive-keyring
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> The following NEW packages will be installed:
>    debian-ports-archive-keyring
> 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
> Need to get 13.8 kB of archives.
> After this operation, 15.4 kB of additional disk space will be used.
> WARNING: The following packages cannot be authenticated!
>    debian-ports-archive-keyring
> Authentication warning overridden.
> Get:1 http://archive.debian.org/debian/ wheezy/main 
> debian-ports-archive-keyring all 2012.01.08 [13.8 kB]
> Fetched 13.8 kB in 0s (26.6 kB/s)
> Selecting previously unselected package debian-ports-archive-keyring.
> (Reading database ... 29048 files and directories currently installed.)
> Unpacking debian-ports-archive-keyring (from 
> .../debian-ports-archive-keyring_2012.01.08_all.deb) ...
> Setting up debian-ports-archive-keyring (2012.01.08) ...
> 
> Yup .. looks correct I guess :
> 
> nix# ls -l /usr/share/keyrings/
> total 52
> -rw-r--r-- 1 root root 26628 Jan  1  2015 debian-archive-keyring.gpg
> -rw-r--r-- 1 root root 10601 Jan  1  2015 debian-archive-removed-keys.gpg
> -rw-r--r-- 1 root root  7602 Jan  8  2012 debian-ports-archive-keyring.gpg
> -rw-r--r-- 1 root root  3858 Jan 12  2011 
> debian-ports-archive-keyring-removed.gpg
> nix#

A keyring from 2012 doesn't really look correct, does it?

Not sure what kind of host system you're doing this on, but naturally you
need to make sure you install the latest debian-ports-archive-keyring
package when trying to bootstrap a current version of Debian unstable.

> However this fails :
> 
> nix# debootstrap \
>  > --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg \
>  > --include=debian-ports-archive-keyring,wget \
>  > --arch=sparc64 unstable /mnt/debootstrap \
>  > http://ftp.ports.debian.org/debian-ports
> I: Retrieving Release
> I: Retrieving Release.gpg
> I: Checking Release signature
> E: Release signed by unknown key (key id 3AF65F93D6FBC5B9)
> nix#
> 
> So tomorrow is another day.

Try:

# wget http://ftp.debian.org/debian/pool/main/d/debian-ports-archive-keyring/debian-ports-archive-keyring_2025.04.05_all.deb
# dpkg -i debian-ports-archive-keyring_2025.04.05_all.deb

Then retry the above debootstrap process.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
Reply to: