merge 369173 316572 retitle 369173 Doesn't work with authenticated apt; needs to sign debs or --allow-unauthenticated severity 369173 important thanks
This is an apt-build bug. Installing apt-key does not fix the problem of apt-build creating unsigned packages. These unsigned packages will cause apt-get to complain when apt-build tries to install them. To fix this, apt-build should either: a) Sign packages that it builds (it would be nice if the postinst script used debconf to offer to automatically create a new signing key, or use an existing key to sign [which would require entering your passphrase when you use apt-build]) b) Pass through to apt the "--allow-unauthenticated" option. This is less desirable, since it would cause apt to not check other packages it installs, such as build-deps. However, to mitigate this, apt-build could only pass this through when installing packages it created, rather than build-deps. Without one of these solutions, apt-build will always fail to install packages it builds, requiring the user to then run $(apt-get install whatever) to actually install the packages apt-build makes. Temporarily, for my own use, I added "--allow-unauthenticated" to "@apt_args", but that is not a good long-term solution.
pgp63V9hSEmSk.pgp
Description: PGP signature
