Package: multistrap
Version: 2.2.9
Severity: important
--- Please enter the report below this line. ---
Hi.
Since (I assume) apt 1.5~alpha1 the following change is in apt (from
apts changelog):
* fail instead of warn on insecure repositories in apt-get
This makes multistraps initial package download/repository update fail.
I could work around this by applying the attached patch to the
multistrap script in /usr/sbin/multistrap
It adds another option to the apt-get call unconditionally: "-o
Acquire::AllowInsecureRepositories=true"
I am not sure about the implications of this, since I am not familiar
with multistraps code base. Maybe it needs the same guard as the -o
Apt::Get::AllowUnauthenticated=true option?
Marked as important, because the package is unusable like this.
Regards
Andre
--- System information. ---
Architecture: Kernel: Linux 4.13.0-1-amd64
Debian Release: buster/sid
500 unstable-debug debug.mirrors.debian.org 500 unstable
jenkins.piavpn.nordsys.de 500 unstable ftp.de.debian.org 500
testing-debug debug.mirrors.debian.org 500 testing
ftp.de.debian.org
--- Package information. ---
Depends (Version) | Installed
============================================-+-===========
perl:any | apt
| 1.6~alpha3
libconfig-auto-perl | 0.44-1
liblocale-gettext-perl | 1.07-3+b3
libparse-debian-packages-perl | 0.03-2
Package's Recommends field is empty.
Suggests (Version) | Installed
=======================-+-===========
fakeroot | 1.22-1
--- multistrap.orig 2017-11-08 08:55:15.066979371 +0100
+++ multistrap 2017-11-08 08:55:00.847310585 +0100
@@ -317,6 +317,7 @@
$config_str .= " -o Apt::Architecture=" . shellescape($arch);
$config_str .= " -o Dir::Etc::TrustedParts=" . shellescape("${dir}${etcdir}trusted.gpg.d");
$config_str .= " -o Dir::Etc::Trusted=" . shellescape("${dir}${etcdir}trusted.gpg");
+$config_str .= " -o Acquire::AllowInsecureRepositories=true";
$config_str .= " -o Apt::Get::AllowUnauthenticated=true"
if (defined $noauth);
$config_str .= " -o Apt::Get::Download-Only=true";
