Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity
Hi,
I'm running a (quite) up to date testing and recently I stumbled upon
$ sudo apt update
...
Err:8 http://fam-tille.de/debian local InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 578A0494D1C646D1
...
W: GPG error: http://fam-tille.de/debian local InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 578A0494D1C646D1
E: The repository 'http://fam-tille.de/debian local InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I have some packages for my own use (I mean there is no reason to expect
that someone wants to pull things from there) on my private web page
which I signed with my Debian key. This was working up to recently with
apt-key. Since this was not working any more I tried to follow the
advise given in the error message and started reading apt-secure(8)
where I just found a hint to apt-key which is deprecated.
IMHO users who are using third party repositories will get a broken
system after upgrading to Debian 11 and there is no helpful hint given
how to fix it.
BTW, I did some
apt-key del 578A0494D1C646D1
added my key to /etc/apt/trusted.gpg.d/fam-tille.gpg and added an
according
[signed-by=/etc/apt/trusted.gpg.d/fam-tille.gpg]
option to the sources.list line ... and it does not yet work. So I
think it is critical to point to a solution that *really* works.
Due to potential breaking user systems I wonder if someone agrees
with bumping the severity of the bug to serious.
Kind regards
Andreas.
--
http://fam-tille.de
Reply to: