On Sat, Jun 12, 2010 at 11:06:28PM -0400, Rob Owens wrote:
I'm playing around with pbuilder. While building a package, pbuilder
needed to reference another package that I built and did not sign.
Pbuilder happily ignored the lack of signature and gave this warning,
but did not pause so I could read it:
Untrusted packages could compromise your system's security.
You should only proceed with the installation if you are certain that
this is what you want to do.
debhelper
*** WARNING *** Ignoring these trust violations because
aptitude::CmdLine::Ignore-Trust-Violations is 'true'!
I'd like to change this behavior so that pbuilder at least stops and
asks me how to proceed. I've been looking through the man pages and
googling, but I'm not seeing it.
I've found a couple of bugs referencing this problem, and the pbuilder
devs seem to think this is the way it should be. I disagree, so I
worked around it like this:
In /usr/lib/pbuilder I made a copy of pbuilder-satisfydepends-aptitude,
and called it pbuilder-satisfydepends-aptitude-safe. I edited the
safe file and changed
Ignore-Trust-Violations=true
to
Ignore-Trust-Violations=false
Then in my ~/.pbuilderrc I added the line
PBUILDERSATISFYDEPENDSCMD=/usr/lib/pbuilder/pbuilder-satisfydepends-aptitude-safe
Now pbuilder exits when it encounters an unsigned deb. As far as I can
tell, that is. I'm still in the process of testing it but so far it
seems to work.
If anyone knows of a better way, please post it.
-Rob
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2010061304.ga10...@aurora.owens.net
