Package: reprepro
Version: 5.1.1-1
Severity: wishlist
Hello!
In sources.list(5) there is the possibility to have the Signed-by option, and
the default is pulled from the acquired Release file:
ยท Signed-By (signed-by) is either an absolute path to a keyring file (has to
be accessible and readable for the _apt user, so ensure everyone has
read-permissions on the file) or one or more fingerprints of keys either
in the trusted.gpg keyring or in the keyrings in the trusted.gpg.d/
directory (see apt-key fingerprint). If the option is set, only the key(s)
in this keyring or only the keys with these fingerprints are used for the
apt-secure(8) verification of this repository. Defaults to the value of
the option with the same name if set in the previously acquired Release
file. Otherwise all keys in the trusted keyrings are considered valid
signers for this repository.
I do not see a valid way to include this option in a Release file generated by
reprepro, but it would be great if it could be added. Simply making the default
be the key that was used for SignWith would seem to make sense.
micah
-- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages reprepro depends on:
ii libarchive13 3.2.1-6
ii libbz2-1.0 1.0.6-8.1
ii libc6 2.24-9
ii libdb5.3 5.3.28-12+b1
ii libgpg-error0 1.26-2
ii libgpgme11 1.8.0-3
ii liblzma5 5.2.2-1.2
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages reprepro recommends:
ii apt 1.4~rc2
Versions of packages reprepro suggests:
ii gnupg-agent 2.1.18-6
pn inoticoming <none>
pn lzip <none>
pn pinentry-curses <none>
-- no debconf information
