On Thursday 15 February 2007 20:05, Joey Hess wrote: > I think this is worth putting in because it's useful both when a key > expires and you still need to use old installation media, and when > installing from an unofficial, unsigned mirror, like the one the armel > port is using.
I have no objection in principle. A few comments. > Index: manual/en/appendix/preseed.xml > =================================================================== > +#d-i debian-installer/allowunauthenticated string true Shouldn't this parameter be documented as a boot parameter too? Would it be worth creating an alias for it (as it is very long in its raw form)? Also, I'd suggest debian-installer/allow_unauthenticated for readability. > Index: packages/base-installer/debian/postinst [...] > + cat > /target/etc/apt/apt.conf.d/00AllowUnauthenticated << EOT > +# Force apt to ignore auth issues. > +# Warning: This configuration is insecure and not recommended! > +APT::Get::AllowUnauthenticated "true"; > +EOT Should this be really be kept by default for the target system? If so, that should be documented very clearly. I even think there should be a dialog to warn about that, which makes the change a post-etch one because we don't want to introduce new strings at this point.
pgpnCsGy5h86w.pgp
Description: PGP signature
