Moritz Muehlenhoff <mmuhlenh...@wikimedia.org> (2019-07-17):
> On Fri, Jul 12, 2019 at 09:07:45AM +0000, Cyril Brulebois wrote:
> >  apt-setup (1:0.151) unstable; urgency=medium
> >  .
> >    [ Moritz Mühlenhoff ]
> >    * When preseeding a local repository via apt-setup/localX/repository,
> >      the repository key for Secure Apt needs to be configured with
> >      apt-setup/localX/key. This key used to be set up with apt-key, but
> >      its use is deprecated and apt's former dependency on gnupg has been
> >      demoted to a Suggests, rendering apt-key non-functional in d-i.
> >      Apply a patch by Lars Kollstedt (thanks!) which adds the repository
> >      key(s) to /etc/apt/trusted.gpg.d, following the approach used by
> >      pbuilder (Closes: #851774, #928931):
> >       - .asc suffix if the key file seems to be armoured ASCII (i.e. it
> >         contains a “-----BEGIN PGP PUBLIC KEY BLOCK-----” line);
> >       - .gpg suffix otherwise. Please note that only “GPG key public ring”
> >         are supported by APT, newer “keybox database” format isn't at the
> >         moment.
> Hi Cyril,
> as discussed on #debian-boot last week: I've tested a Buster installation with
> "d-i     mirror/udeb/suite       string  unstable" and our previous
> "d-i     base-installer/includes string  gnupg" workaround dropped which uses
> the https://apt.wikimedia.org repository and that worked fine.

Many thanks, I'll be submitting a buster-pu bug accordingly. I wouldn't
mind an extra confirmation after it's been published in a point release
(peace of mind and all that).

> I've also submitted a patch to installation-guide to enhance the docs
> so that the constraints for the Secure Apt key file are explicitly
> mentioned (#932284)

Much appreciated, thanks.

Cyril Brulebois (k...@debian.org)            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

Attachment: signature.asc
Description: PGP signature

Reply via email to