Aptitude thinks all packages are untrusted

Tod Hansmann tod at todandlorna.com
Fri Apr 2 12:38:49 MDT 2010


Wasn't actually looking for specific packages, sorry.  Mostly I was 
grasping for any info that might lend a different view of the problem, 
especially to anyone else on-list that has more recent experience with 
Debian 5.0, a version I've never actually installed.

I'm out of ideas at the moment.  I'll ask some friends this evening if 
they've ever seen it in their trails, and if they come up with 
something, I'll post back.

Good luck!

-Tod Hansmann



On 4/2/2010 12:08 PM, Michael Torrie wrote:
> On 04/02/2010 11:21 AM, Tod Hansmann wrote:
>    
>> I'm pretty much just guessing here, but is gpg working on your system?
>> Do you have additional sources in your sources.list that aren't part of
>> the Debian archives?  Is the keyring all setup correctly in
>> /etc/apt/trusted.gpg?  Does that file have the proper permissions?
>>      
> Yes said I have gnupg installed and it works.  The sources.list file
> contains only the standard debian sources.  updates, volatile, stable, etc.
>
> I have no idea if the trusted.gpg is set up correctly.  I ran apt-key
> list and it showed me all the keys that it had (I listed them in my
> previous e-mail).  I tried downloading the keys with gpg and using
> apt-key to add them.  This worked fine, but I had the keys already
> before I did that, just to be consistent.
>
> So everything appears to be right.  Unfortunately neither apt or
> aptitude will tell my why they don't trust the packages.  They aren't
> complaining about a missing gpg key; they appear to think the packages
> aren't signed at all.  Now from what I've read, this might actually be
> true.  I don't think debian actually signs the packages at all yet (from
> what I read on the debian lists).  Rather they sign the Release file
> that apt uses as an index.
>
>    
>> It can't be too many things.  Apt isn't exactly complex in this regard,
>> so I'd start from there and if that provides you the answers, great.  If
>> not, I'll try to come up with more scenarios it could possibly be.  What
>> packages do you already have installed?
>>      
> We're talking about a minimal 400 MB install of only official debian
> lenny packages.  No X11, no extra tools.  Just your basic libraries and
> command line tools at this point. Nothing is installed that's not from
> debian stable.  What packages in particular are you wondering about?
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>
>    


More information about the PLUG mailing list