autopkgtest in jessie: mark local archive as [trusted=yes]
carnil at debian.org
Wed Dec 21 11:43:18 UTC 2016
Hello Martin, hello Autopkgtest team.
(I'm not subscribed to the autopkgtest-devel list, so please keep me
Before I ask anything to SRM I would like to hear your opinion. Since
a "recent" apt update in unstable, running the autopkgtests on a host
running jessie without backports, does not work anymore.
Background: jessie host, no backports, autopkgtest installed with
version 3.6jessie1. The problem is that adt-run generates a weak
signing key for the repositories.
Since apt 1.4~beta1, has "gpgv: Untrust SHA1, RIPE-MD/160, but allow
downgrading to weak":
This is not a problem anymore with newer autopkgtest packages, since
they do not use anymore gpg sign the local archive, since
The whole would probably to much for backporting to jessie, and
possibly not allowed by SRM, since it means a behaviour change. But do
you think it is sensible to just backport the change, to mark the
internal repository with trusted=yes?
- echo "deb file://%(d)s /" >/etc/apt/sources.list.d/autopkgtest.list
+ echo "deb [trusted=yes] file://%(d)s /" >/etc/apt/sources.list.d/autopkgtest.list
This option (trusted=yes) is available since 0.8.16~exp3, so for any
reasonable suite/distribution probably not a problem.
What do you think?
Thanks already for your time!
More information about the autopkgtest-devel