Package: mobian-archive-keyring
Severity: normal
X-Debbugs-Cc: [email protected]
Dear Maintainer,
the installation script of mobian-archive-keyring adds an additional
package source to the system by installing mobian.sources to
/etc/apt/sources.list.d. This may cause packages to be installed or
updated from the Mobian package repository rather than from the
sources configured prior to the installation of
mobian-archive-keyring.
However, I would expect a keyring package to only install additional
keys to the system and to leave the rest of the system untouched (in
particular preserving the current package sources). The description of
the package only states that keys are installed and does not mention
the additional package source.
Also, only installing the keys would be consistent with the behavior
of the installation procedures of similar packages (e.g.,
fasttrack-archive-keyring or debian-ports-archive-keyring) and
previous versions of mobian-archive-keyring (e.g., from bookworm).
Thanks,
Andi
-- System Information:
Debian Release: 13.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.90+deb13-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
