[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Custom Debian CD - Problem with APT-CDROM and GPGV


I'm trying to generate a custom install CD based on Etch. I've set up a local repository with reprepro, and I've installed and adapted simple-cdd to my needs.

Everything was working just fine until I decided to include signatures (Release.gpg files). Now here's the problem.

When installing my custom distro with my custom CD, base-installer throws the following error:
Copying package lists...gpgv: not a detached signature
E: Sub-process gpgv returned an error code (2)
W: Signature verification failed for /cdrom/dists/etch/Release.gpg
Of course, I've included my own keyring (/usr/share/keyrings/debian-archive-keyring.gpg and/etc/apt/trusted.gpg). When checking manually with gpgv (chroot /target gpgv /cdrom/dists/etch/Release.gpg), I noticed gpgv created /.gnupg/ and was looking for trustedkeys.gpg under that directory.

So I forced the install process to copy my keyring to that location.
Now, the manual signature check with gpgv is OK, but apt-cdrom still fails to verify the signature.
Whatever the options I use (APT::Get::AllowUnauthenticated...) the problem remains.

Now to my questions:
- Why does apt-cdrom fail if gpgv succeeds when launched manually???
- Why does the install process complete when the Release.gpg file is not even present on the CD???


Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail
Reply to: