Hello, I made myself the patched version, it was actually quite easy.
I'm attaching the patch, which includes a new configuration option to turn the behaviour on and off (with signature checking enabled by default). Ciao, Enrico -- GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <[EMAIL PROTECTED]>
diff -Naur sbuild-0.57.4/etc/sbuild.conf sbuild-0.57.4.enrico/etc/sbuild.conf --- sbuild-0.57.4/etc/sbuild.conf 2008-07-06 12:43:57.000000000 +0100 +++ sbuild-0.57.4.enrico/etc/sbuild.conf 2008-07-25 11:05:58.000000000 +0100 @@ -78,6 +78,10 @@ # failures) for use in a buildd setup. #$sbuild_mode = "user"; +# Force APT to accept unauthenticated packages. +# This is disabled by default: only enable it if you know what you are doing. +#$apt_allow_unauthenticated = 0; + # APT policy. 1 to enable additional checking of package versions # available in the APT cache, or 0 to disable. 0 is the traditional # sbuild behaviour; 1 is needed to build from additional repositories diff -Naur sbuild-0.57.4/lib/Sbuild/Chroot.pm sbuild-0.57.4.enrico/lib/Sbuild/Chroot.pm --- sbuild-0.57.4/lib/Sbuild/Chroot.pm 2008-07-06 12:43:57.000000000 +0100 +++ sbuild-0.57.4.enrico/lib/Sbuild/Chroot.pm 2008-07-25 11:07:36.000000000 +0100 @@ -114,7 +114,10 @@ DIR => $self->get('Location'), UNLINK => 0) ) { - print $F "APT::Get::AllowUnauthenticated true;\n"; + if ($Sbuild::Conf::apt_allow_unauthenticated) + { + print $F "APT::Get::AllowUnauthenticated true;\n"; + } print $F "APT::Install-Recommends false;\n"; if (! rename $F->filename, $chroot_aptconf) { diff -Naur sbuild-0.57.4/lib/Sbuild/Conf.pm sbuild-0.57.4.enrico/lib/Sbuild/Conf.pm --- sbuild-0.57.4/lib/Sbuild/Conf.pm 2008-07-06 12:43:57.000000000 +0100 +++ sbuild-0.57.4.enrico/lib/Sbuild/Conf.pm 2008-07-25 11:04:17.000000000 +0100 @@ -111,6 +111,7 @@ our $uploader_name; our $key_id; our $apt_update = 0; +our $apt_allow_unauthenticated = 0; our %alternatives = ("info-browser" => "info", "httpd" => "apache", "postscript-viewer" => "ghostview",
signature.asc
Description: Digital signature