Pieces of apt everywhere

I see that we're now into the portion of the Debian release cycle where unstable really means unstable. Signature verification was added to apt in a way that causes warnings to happen if a particular archive isn't signed (probably good), but there's no documentation on what exactly is needed to get this working except in the wiki. And that documentation isn't really sufficient; is the Release file that I'm supposed to be signing the one in dists/sid/main/binary-i386, or is there some higher-level Release file I'm supposed to sign?

If that's the one, I don't really see the point, as it doesn't contain anything that changes. Clearly other stuff needs to get signed too. Of course, debarchiver doesn't know what to sign, and sans documentation it's a bit hard to figure out what changes I should feed back to the debarchiver maintainer.

Then, of course, my ability to do anything in Debian is severely hampered by the fact that this change to apt broke pbuilder, since apt inside the pbuilder chroot doesn't know the archive keys and therefore wants confirmation to install untrusted packages, but pbuilder doesn't provide the right options to force the confirmation.

And, on top of that, debootstrap in sid is broken for the buildd varient (and, as near as I can tell, for the non-buildd varient as well), so I can't set up new pbuilder chroots.

I don't really mind all of this -- unstable is unstable, after all. I just hope it gets fixed quickly. In the meantime, I guess I'm working on INN instead of on Debian stuff.

Posted: 2005-06-30 11:15 — Why no comments?

Last spun 2013-07-01 from thread modified 2013-01-04