On Sun, Nov 13, 2005 at 04:37:15PM +0100, Andras Korn wrote:
> Package: apt
> Version: 0.6.42.3
> Severity: normal

Thanks for your bugreport.
 
> I have a local package repository that is pieced together from many
> different sources. I don't have a signed Release file (is there an easy way
> to generate one automatically?); I only generate my own Packages file.

It's a matter of runing apt-ftparchive and gpg, see apt-secure(8) for
a discussion.
 
> The patch to this local repository is listed first in my sources.list.
> 
> Nevertheless, when apt-get needs to fetch packages, it ignores my local
> repository and downloads the exact same packages from the net instead,
> presumably because those repositories are signed. (But do correct me if I'm
> wrong.)
[..]

Yes, it's a feature of apt to prefer signed sources. But if you run it
with --allow-unauthenticated, it should behave exactly as the 0.5.x
versions. Can you please try/confirm this?
 
Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to