Bug#618445: apt: Please downgrade "There is no public key available ..." to a notice
Package: apt
Version: 0.8.10
Severity: minor
Tags: patch
Hello,
I'm about to change the gpg key used to sign our apt and so signed the
archive for now with two keys and will update the keyring package to
contain the new key soon.
The "problem" I'm faced with now is that if apt only knows one of the
two keys used it prints a warning
W: There is no public key available for the following key IDs:
...
I don't know if this is the only situation where this warning is issued,
but if it is (and the comment[1] in the source makes me believe it is) IMHO
a notice would be enough.
The main difference is that a notice doesn't result in a red box that
looks too important for me in aptitude.
For now I simply don't remove the old key from the keyring package yet
such that the warning goes away when the most recent version is
installed.
So the remaining downsides are that I need to update the keyring package
once more when the old key is expired (well or ignore that and simply
ship two keys) and that the users of our repository see the warning
until they update the keyring package (and have to update once more
later).
Best regards
Uwe
[1] "check for missing sigs (that where not fatal because otherwise we
had bombed earlier)"
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1422,7 +1422,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/
missingkeys += (Fingerprint);
}
if(!missingkeys.empty())
- _error->Warning("%s", string(msg+missingkeys).c_str());
+ _error->Notice("%s", string(msg+missingkeys).c_str());
string Transformed = MetaIndexParser->GetExpectedDist();
Reply to: