Bug#579028: pbuilder: installs untrusted packages without asking
Junichi Uekawa
dancer at netfort.gr.jp
Thu Jun 24 10:44:43 UTC 2010
At Fri, 11 Jun 2010 18:20:58 -0700,
Vagrant Cascadian wrote:
>
>
> in pbuilder-satisfydepends-aptitude: $CHROOTEXEC aptitude -y --without-recommends -o APT::Install-Recommends=false -o Aptitude::CmdLine::Ignore-Trust-Violations=true -o Aptitude::ProblemResolver::StepScore=100 install pbuilder-satisfydepends-dummy
>
> i don't know if the other satisfydepends scripts have similar issues.
>
> seems like the Aptitude::CmdLine::Ignore-Trust-Violations=true should at least
> be configureable somehow, if not defaulting to false.
>
> this appears to have been added quite some time ago. from the ChangeLog:
>
> 2007-04-22 Loic Minier <lool at dooz.org>
>
> * pbuilder-satisfydepends-aptitude: Pass
> Aptitude::ProblemResolver::StepScore and
> Aptitude::CmdLine::Ignore-Trust-Violations flags to aptitude to
> help resolve complex situations relatively common in experimental and
> support unsigned repositories like we do for apt-get.
>
> so it's obviously intentional...
Yes, it's intentionally this way, to not to break compatibility with
older versions, and support local repositories, and keep pbuilder
non-interactive.
regards,
junichi
--
dancer@{netfort.gr.jp,debian.org}
More information about the Pbuilder-maint
mailing list