Hi, Aptitude gave me a rather unexpected message today.
$ aptitude -s upgrade <...> WARNING: untrusted versions of the following packages will be installed! Untrusted packages could compromise your system's security. You should only proceed with the installation if you are certain that this is what you want to do. yaird Do you want to ignore this warning and proceed anyway? To continue, enter "Yes"; to abort, enter "No": $ apt-cache policy yaird yaird: Installed: 0.0.11-10 Candidate: 0.0.11-11 Version table: 0.0.11-11 0 900 http://ftp.nl.debian.org sid/main Packages 700 http://debian.jones.dk sid/misc Packages *** 0.0.11-10 0 890 http://ftp.nl.debian.org etch/main Packages 100 /var/lib/dpkg/status I know that the message is a result of not having the gpg key for debian.jones.dk in my keyring, but I'm not trying to install the version from debian.jones.dk. I don't have the key in my keyring because I don't trust the packages there. I want to be notified when trying to install one of them. When I answer yes to the question above, aptitude will get the (trusted) package from ftp.nl.debian.org. So why does it warn me about untrusted packages? I want to be able to install yaird (from the normal repositories) without this warning. Only when a package will actually be retreived from an untrusted source should aptitude warn me. Does anyone know what to do about this, or should I consider this a bug and file a report? Felix -- Felix C. Stegerman <[EMAIL PROTECTED]> "Any sufficiently advanced bug is indistinguishable from a feature." -- R. Kulawiec -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]