Bug#678990: does not state URL of unauthenticated/unsigned packages
Package: apt
Version: 0.9.5.1
I am testing code on the debian-testing-i386-DVD-1.iso,
as it was on 2012 06 11.
I gave the command:
apt-get install ttf-dejavu
.
It output some info, including
"
The following NEW packages will be installed:
ttf-dejavu ttf-dejavu-extra
"
It did not state where it would obtain these packages from.
It asked me whether to proceed.
I answered "y".
It replied
"
WARNING: The following packages cannot be authenticated!
ttf-dejavu-extra ttf-dejavu
Install these packages without verification [y/N]?"
I would prefer that it tell me where these packages will come from,
if I were to ask it to proceed.
I would like it to tell me BEFORE I ask it to proceed.
If it will obtain the packages from my hard disk or from a local
CR-ROM, then I can make a decision.
But if these packages are to come over the Internet, then I require a
valid signature, before proceeding.
Please alter apt-get to give the user/sys-admin this necessary
information BEFORE he decides whether to proceed with the install.
This will become more important when it becomes common-place to
install over Wi-Fi, using Wi-Fi 'hotspots'.
I had edited /etc/apt/sources.list, it contains:
deb file:///media/cdrom0/ wheezy contrib main
.
Best regards
Richard Betham
Reply to: