Your message dated Mon, 18 May 2015 12:33:54 +0000 with message-id <[email protected]> and subject line Bug#733179: fixed in debootstrap 1.0.69 has caused the Debian Bug report #733179, regarding debootstrap: Missing keyring file should abort with error to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 733179: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733179 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: debootstrap Version: 1.0.38 Severity: important Tags: patch -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear Maintainer, If the keyring file specified by a script with the keyring() function doesn't exist, debootstrap prints only warning but the installation continues. As the script clearly mentions the keyring and thus relies on its existence to verify the download, this should cause an error and abort the debootstrap installation. Otherwise a misconfiguration or incomplete installation (missing keyrings) can lead to download and installation of unverified packages. The following patch fixes this issue and aborts the installation: --- functions.orig 2012-02-27 18:42:58.000000000 +0100 +++ functions 2012-02-27 18:43:02.000000000 +0100 @@ -508,7 +508,7 @@ "$relsigdest" "$reldest" || true) | read_gpg_status progress 100 100 DOWNRELSIG "Downloading Release file signature" elif [ -z "$DISABLE_KEYRING" ] && [ -n "$KEYRING_WANTED" ]; then - warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED" + error 1 KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED" fi } I'm no debootstrap expert so I may be overlooking something here, if so please tell me. But I think --no-check-gpg already takes care of the case if no verification is required. Regards, Simon - -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages debootstrap depends on: ii wget 1.13.4-2 Versions of packages debootstrap recommends: ii debian-archive-keyring 2010.08.28 ii gnupg 1.4.11-3 debootstrap suggests no packages. - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJPS8KlAAoJEJL+/bfkTDL5E4sP/0oOOVIENN7hmzhpkT3qw55W QNUMrVB/yNI8PXvrtDvcPIH4bqs+XB8wacUhgsuTpEtNbyrEAn1ej5V3kVjpuUGy m0fYyP7ak0JCQu2ZWDY8d99XPseskDJ3ZdJMAROw8SYTaATZ92zQ8DBe/1VHWIg9 P0o+lxDYvtiPb73sbOAtVRFGnu1YOBmeoAJHjk4/hBJ5I6ZzePRKKDoF0p8vrW3M r9BAaDVwxLrq75hqtrH0nV4GS19hgiWxo7EI6cuaAtyOdxO774AjN2YkydViPzid JP50dJAWbIow7DYF8cS1d+0JC3pWpKy+H9lG68/Q7f5E3D/IKW0mdOPwASYSUgzy ac64+Gio5r0WC+Y3XT4iilMms2Na7J2j0ZK7L1ZlpwVg1sFmH4aQUNqAUR6jb70T t25K4HqAkC1OtDf2Zha663Nu5TNiO3GgNn9AV+WB5mDauZZIzYAQWJ/JHMwvyYt6 x18TA1Umey1VeTdkcpbNhaM0qBom/HaO2fPlxDG9EEqKnUXAyhMQ5L2bQiOyiGGb iZnEImOa2e/TlzII0hcUX/36p7+ai0ydfhFcVLZRT754PRBmPOn2L/mDOQxRryPn QtxG888K9K91KnCif2dzOHT4Mejup7fVz0zKT1lLZoFpF3Nj2uj6+POTUw+/2Z59 s+E+OhWLTo9VcOe89tTi =G5Se -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: debootstrap Source-Version: 1.0.69 We believe that the bug you reported is fixed in the latest version of debootstrap, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Christian Perrier <[email protected]> (supplier of updated debootstrap package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 18 May 2015 14:07:43 +0200 Source: debootstrap Binary: debootstrap debootstrap-udeb Architecture: source all Version: 1.0.69 Distribution: unstable Urgency: medium Maintainer: Debian Install System Team <[email protected]> Changed-By: Christian Perrier <[email protected]> Description: debootstrap - Bootstrap a basic Debian system debootstrap-udeb - Bootstrap the Debian system (udeb) Closes: 661501 709751 733179 734743 768445 774752 775454 785276 Changes: debootstrap (1.0.69) unstable; urgency=medium . [ Cyril Brulebois ] * Make sure to deduplicate package list in download_release to avoid issues while counting downloaded packages. The failure path could lead to printing some strange integer (Closes: #709751, #768445, #785276, #774752). This was reported to mostly happen whenever --no-resolve-deps is used. * Add support for --force-check-gpg so that one can programmatically make sure keyring checks are used and that no fallback to an https mirror happens (Closes: #661501, #733179, #775454). * Switch default mirror from ftp.us.debian.org to the new, official http redirector service: httpredir.debian.org * Make it possible to override the MAKEDEV variable (Closes: #734743). Thanks, Wookey! . [ Christian Perrier ] * Update Standards to 3.9.6 (checked) Checksums-Sha1: 65d3b676c8e0e5aa861f487da22b29efd15d7252 1775 debootstrap_1.0.69.dsc 7faebd30e16d9f73c6ab9400b5bc546030093abe 61843 debootstrap_1.0.69.tar.gz 1f0bfa18e6db120447732ed255867f45171508f8 63982 debootstrap_1.0.69_all.deb cd8e59c30a9a64963a786cadcd404744e9a02634 18532 debootstrap-udeb_1.0.69_all.udeb Checksums-Sha256: eb45b1232b07d5c9daac42bf6622bb1a63925575ce7cc941a13136ae90c408ed 1775 debootstrap_1.0.69.dsc 146aac21c3121b0af09fdc841e4fd3a13ce9f5d990f3ca1b56a61e61d77dbe11 61843 debootstrap_1.0.69.tar.gz 958950c991130e67094da088b6f7b31463c80bf7caad1b2d876a8a35ddc76883 63982 debootstrap_1.0.69_all.deb 439821eedb0881a2cb7e0cbb3f689543b47fdd3c2576025f70b55f6f4a41aa18 18532 debootstrap-udeb_1.0.69_all.udeb Files: 7f71fa810e7c28e9f0c88d7c8895268c 1775 admin extra debootstrap_1.0.69.dsc ed089a169da9955ad87e310de3e14a91 61843 admin extra debootstrap_1.0.69.tar.gz 4dd775557649f9f3dfb5d3c4de01b077 63982 admin extra debootstrap_1.0.69_all.deb 98a261b981815b4657afa449ae21a086 18532 debian-installer extra debootstrap-udeb_1.0.69_all.udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVWdkZAAoJEIcvcCxNbiWo8fIP/083YJouacvZMkukUxbA8UNr IhV+gd/WYCjYWmn2xBDgngkuDor+2wUz11Jjp2Dew8qn0Q9faBwPyeVmdn3d3NiC 9c/HgKXvgPWXr+LLjosdls6yBR7/bZzcyYtKeCkPlNPxUmnAnequ2zvx5mYpWbwZ oWfSJTc/CfXdSQGSCPHqqZB8fZwvDU+bUTdrMhuTgLVPUO7xdYSfLnRyRIO4FJc5 c/5/mkBIhTuy8GHOOydVjpyZEnPvGABwdUSTvGGjnJb+NCjYYy/a4Iw3xy5fRSRF V66FRtcmyiOvKe6gx/cUgHwe3G7olf21KTt4FOG8U0guf/avTcG9kWGGU8GfQMYN St4ouhUFw6ReUy50+WbT5elm0mVxFvtvAdOTRINSe+eVG2IsR+w3/kuqKW3xOiWR Nkg59xNP7x8QDUzJuLcEzE2LZ3L9JxdvkBO8fM4iO+ms7ZW5BoWW+aHkxOnONEpL cgk427FNwK+7k7OjaEN4kZh5Iz4emq/8jZMBKpLlfiPtHhe990CRTC02/3YPDsF4 MH3aw7niU5PGF/a/Fr83q9e7TfPMVr0w5s70rGBx0nTUAX8KDIaMgcoHgq+sWCXU y9XaV0EUEwRTstVmGJpbTpMs6mDQyHvZaposAAa8faMldii7a9kt/qu7qPQvriMp jamIVRGrVdL/rq+hjEKw =xYi/ -----END PGP SIGNATURE-----
--- End Message ---
