On Sat, Oct 22, 2005 at 02:16:39AM +0200, David Madore wrote: > Package: apt > Version: 0.6.41 > Severity: serious
Thanks for your bugreport. > The --allow-unauthenticated option does not revert to the exact > pre-0.6.27 behavior: even when this flag is passed on the command > line, apt still favors an authenticated package on the network to an > unauthenticated package on the local host (say with a file:/// URL in > the sources.list). > > No combination of switches seems to be sufficient to _completely_ > remove any kind of authentication-related feature (and revert to the > pre-0.6.27 behavior in all respects). > > This severely breaks very-low-bandwidth systems where it is assumed > that the local package set will be favored over the networked ones. Could you please test if the attached patch fixes the problem? Cheers, Michael -- Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo
* looking for [EMAIL PROTECTED]/apt--mvo--0--patch-88 to compare with * comparing to [EMAIL PROTECTED]/apt--mvo--0--patch-88: .. done. * modified files --- orig/apt-pkg/acquire-item.cc +++ mod/apt-pkg/acquire-item.cc @@ -770,6 +770,12 @@ } } + // "allow-unauthenticated" restores apts old fetching behaviour + // that means that e.g. unauthenticated file:// uris are higher + // priority than authenticated http:// uris + if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true) + Trusted = false; + // Select a source if (QueueNext() == false && _error->PendingError() == false) _error->Error(_("I wasn't able to locate file for the %s package. "