[apt-build-devel] Bug#659015: apt-build disables apt's signature verification
apt-build development list
apt-build-devel at lists.alioth.debian.org
Tue Mar 31 07:42:24 UTC 2015
Axel Beckert <abe at debian.org> writes:
> I've though observed two possibly minor issues with it:
>
> * An existing /etc/apt/sources.list.d/apt-build.list is not updated to
> add "[trusted=yes]".
Could probably be added in postinst (apt-build.list is not a conffile),
e.g. something like
sed -i 's/^deb file:/deb [trusted=yes] file:/'
or something more strict to make sure it doesn't touch other
repositories.
> * Upon purge and (re)installation, I had the "deb" line twice in
> /etc/apt/sources.list.d/apt-build.list and it's not clear to me why.
The filename is generated differently in postinst and postrm:
+---
| eval $(apt-config shell sourceslist Dir::Etc::sourcelist/f)
| eval $(apt-config shell sourcesparts Dir::Etc::sourceparts/d)
| aptbuildsource="$sourcesparts"apt-build.list
+---[ postinst ]
+---
| eval $(apt-config shell etcdir Dir::Etc)
| eval $(apt-config shell sourceslist Dir::Etc::sourcelist)
| eval $(apt-config shell sourcesparts Dir::Etc::sourceparts)
| sourceslist=/"$etcdir""$sourceslist"
| sourcesparts=/"$etcdir""$sourcesparts"
| aptbuildsource="$sourcesparts"/apt-build.list
+---[ postrm ]
> I've not yet done much testing, so any feedback is welcome. I'll
> definitely do some more testing before uploading that fix.
I can't give to much feedback as I don't use apt-build myself. Just
noticed the thread on -security at .
Ansgar
More information about the Apt-build-devel
mailing list