Re: apt-get and signatures couldn't be verified etc
On Wed, Aug 18, 2021 at 01:52:52PM +1000, Fred 1 wrote: > > vagrant@buster:/mnt/debian_build/apt-1.8.2.3$ ls -ld /var/lib/apt > /var/lib/apt/lists /var/lib/apt/lists/partial > drwxr-xr-x 5 root root 4096 Aug 17 04:22 /var/lib/apt > drwxr-xr-x 4 root root 4096 Aug 18 01:12 /var/lib/apt/lists > drwx-- 2 _apt root 4096 Aug 18 01:12 /var/lib/apt/lists/partial > > sudo apt install debian-archive-keyring > Reading package lists... Done > Building dependency tree > Reading state information... Done > debian-archive-keyring is already the newest version (2019.1+deb10u1). > 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > > > So looks like that much is ok.. You also appear to be building a Debian system inside of a Debian system. Perform those same checks on the inner Debian system, which seems to be (ch)rooted at /mnt/debian_build/rootfs/ based on your original message. If those suggestions don't help, then you may require knowledge from someone who has done this Debian-inside-a-different-arch-Debian thing before.
Re: apt-get and signatures couldn't be verified etc
vagrant@buster:/mnt/debian_build/apt-1.8.2.3$ ls -ld /var/lib/apt /var/lib/apt/lists /var/lib/apt/lists/partial drwxr-xr-x 5 root root 4096 Aug 17 04:22 /var/lib/apt drwxr-xr-x 4 root root 4096 Aug 18 01:12 /var/lib/apt/lists drwx-- 2 _apt root 4096 Aug 18 01:12 /var/lib/apt/lists/partial sudo apt install debian-archive-keyring Reading package lists... Done Building dependency tree Reading state information... Done debian-archive-keyring is already the newest version (2019.1+deb10u1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. So looks like that much is ok.. must have some configuration still wrong. On 18/08/2021 11:38, debian-user-digest-requ...@lists.debian.org wrote: note.1 Description: Unix manual page
Re: apt-get and signatures couldn't be verified etc
On Wed, Aug 18, 2021 at 11:12:21AM +1000, Fred 1 wrote: > "W: Download is performed unsandboxed as root as file > '/mnt/debian_build/rootfs/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_InRelease' > couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission > denied) Check the ownership here...? unicorn:~$ ls -ld /var/lib/apt /var/lib/apt/lists /var/lib/apt/lists/partial drwxr-xr-x 5 root root 4096 Aug 17 07:12 /var/lib/apt/ drwxr-xr-x 4 root root 4096 Aug 17 07:10 /var/lib/apt/lists/ drwx-- 2 _apt root 12288 Aug 17 07:10 /var/lib/apt/lists/partial/ > W: GPG error: http://deb.debian.org/debian stable InRelease: The following > signatures couldn't be verified because the public key is not available: > NO_PUBKEY 04EE7237B7D453EC NO_PUBKEY 648ACFD622F3D138 NO_PUBKEY > DCC9EFBF77E11517 > E: The repository 'http://deb.debian.org/debian stable InRelease' is not > signed. > " Are you missing the debian-archive-keyring package?
apt-get and signatures couldn't be verified etc
i'm on a buster64 vagrant instance, and building an armel distro, using a build.sh, multistrap etc Anyway its undone with all the "W: Download is performed unsandboxed as root as file '/mnt/debian_build/rootfs/var/lib/apt/lists/partial/deb.debian.org_debian_dists_stable_InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) W: GPG error: http://deb.debian.org/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 04EE7237B7D453EC NO_PUBKEY 648ACFD622F3D138 NO_PUBKEY DCC9EFBF77E11517 E: The repository 'http://deb.debian.org/debian stable InRelease' is not signed. " yes i've found the threadds about adding the keys , gpg and all that - didn't work sure... --allow-unauthenticated Ignore if packages can't be authenticated and don't prompt about it. This can be useful while working with local repositories, but is a huge security risk if data authenticity isn't ensured in another way by the user itself. The usage of the Trusted option for sources.list(5) entries should usually be preferred over this global override. Configuration Item: APT::Get::AllowUnauthenticated. trouble is it only half works or am I misunderstanding the man page ? ..which wouldn't surprise me, lost count of number of times peering through man pages completely obtuse and wrong. $ apt --version apt 1.8.2.3 (amd64) looking at the source code, looks like some cases of should be skipping the verify fail for "allow-unauthenticated" and not understanding why Changed the code and got much further. addendum: got to the repo for https://salsa.debian.org/apt-team/apt its version is 2.3.8, so not sure why update on buster64 didn't have this version some preliminary diff analysis still seems to be that "allow-unauthenticated" is NOT going to fully work the way I understand it should..?