Hi, Quoting Johannes Schauer (2015-12-07 21:13:10) > It seems that apt has support for trusted=yes since 0.8.16~exp3, so since > wheezy.
keeping support for signing the internal repository is important for as long as we want to support squeeze. When running sbuild, then the apt *inside* the chroot has to support [trusted=yes]. Since today on stretch or unstable we want to be able to build packages in a squeeze chroot for old-old-stable, we must keep the functionality of signing the internal repo until we stop supporting squeeze. So I suggest to add a command line flag like --trust-internal-repo which will make sbuild not require keys anymore and will set [trusted=yes] in apt's sources.list. Once we drop support for squeeze we can make that command line flag a no-op and never use keys for the internal repository by default. Does this make sense? Thanks! cheers, josch
signature.asc
Description: signature
