[pkg-fso-maint] Probleme mit debian on freerunner install.sh
luca at pca.it
Fri Feb 27 14:05:02 UTC 2009
On Fri, 27 Feb 2009 14:40:41 +0100, Steffen Moeller wrote:
> Joachim Breitner wrote:
>> He first changed every occurance of --yes with --yes --force-yes, and
>> changed every occurance of that back to --yes (configurable with a
>> variable). This included this change:
>> - chroot $INST_DIR apt-get --yes --force-yes install pkg-fso-keyring
>> + chroot $INST_DIR apt-get $APT_OPTIONS install pkg-fso-keyring
>> but in this case, the --force-yes was there originally and for a reason.
> Right. And I am sorry for this.
> When we have that pkg-fso-keyring package signed by a Debian developer, the --force-yes
> could go, right?
IIRC, the problme is not the pkg-fso-keyring package being signed or not
by a Debian Developer , but the fact that the package comes from a
repository which is not signed by a GPG key present in the apt-key
 a package cannot be signed, but only the .changes/.dsc files
(signature needed to upload the package) or the Release file from
the repository (signature needed for apt-secure)
The only solution to this problem would be to upload the pkg-fso-keyring
package to Debian main, which is a situation shared by other
"unofficial" repository and IIRC it was discussed a not so long time ago
on debian-devel at .
I do not consider "polluting" the Debian archive with "unofficial"
keyrings a good solution: either the packages are uploaded to Debian
(and thus you do not need external repositories) or they are not
suitable for Debian (in which case you should be aware of what you are
doing, thus you need to manually install the specific -keyring package
or the GPG public key with apt-key).
Gismo / Luca
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 314 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-fso-maint/attachments/20090227/c67068cf/attachment.pgp
More information about the pkg-fso-maint