Package: apt Version: 0.7.20.2+lenny1 Severity: normal Hello,
when I set APT::Authentication::TrustCDROM "false"; I can import the original cdrom with apt-cdrom add. If I try to import a signed CD-ROM I get the following error: # apt-cdrom add Using CD-ROM mount point /cdrom/ Unmounting CD-ROM Waiting for disc... Please insert a Disc in the drive and press enter Mounting CD-ROM... Identifying.. [2b17ce42747853c1d4d0119cebd5d574-2] Scanning disc for index files.. Found 1 package indexes, 0 source indexes, 0 translation indexes and 1 signatures Found label 'Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53' This disc is called: 'Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53' Copying package lists...gpgv: Signature made Tue 20 Apr 2010 06:17:29 PM CEST using RSA key ID E0E2DBA4 gpgv: Can't check signature: public key not found E: Sub-process gpgv returned an error code (2) W: Signature verification failed for: /cdrom/dists/lenny/Release.gpg I have to unmount the cdrom now. Blocking is the correct behaviour, but I have to unmount manual. # umount /media/cdrom0 Then I import the signing key used to sign the CD-ROM into the keyring of the trusted repositories i.e. /etc/apt/trusted.gpg # gpg -a --export 548ED131 | apt-key add - # apt-cdrom add Using CD-ROM mount point /cdrom/ Unmounting CD-ROM Waiting for disc... Please insert a Disc in the drive and press enter Mounting CD-ROM... Identifying.. [2b17ce42747853c1d4d0119cebd5d574-2] Scanning disc for index files.. Found 1 package indexes, 0 source indexes, 0 translation indexes and 1 signatures Found label 'Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53' This disc is called: 'Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53' Copying package lists...gpgv: Signature made Tue 20 Apr 2010 06:17:29 PM CEST using RSA key ID 548ED131 gpgv: Good signature from "secXtreme GmbH Debian Archive Signing Key (2009) <[email protected]>" Reading Package Indexes... Done Writing new source list Source list entries for this disc are: deb cdrom:[Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53]/ lenny main Unmounting CD-ROM... Repeat this process for the rest of the CDs in your set. If I import an unsigned CD-ROM it is always imported. Why does apt-cdrom not prevent the import of an unsigned CD-ROMs? Regards Andreas -- Package-specific info: -- apt-config dump -- APT ""; APT::Architecture "i386"; APT::Build-Essential ""; APT::Build-Essential:: "build-essential"; APT::Install-Recommends "1"; APT::Install-Suggests "0"; APT::Acquire ""; APT::Acquire::Translation "environment"; APT::Authentication ""; APT::Authentication::TrustCDROM "false"; APT::NeverAutoRemove ""; APT::NeverAutoRemove:: "^linux-image.*"; APT::NeverAutoRemove:: "^linux-restricted-modules.*"; APT::Cache-Limit "100000000"; APT::Periodic ""; APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Download-Upgradeable-Packages "0"; APT::Periodic::AutocleanInterval "0"; APT::Update ""; APT::Update::Post-Invoke-Success ""; APT::Update::Post-Invoke-Success:::: "touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true"; APT::Archives ""; APT::Archives::MaxAge "30"; APT::Archives::MinAge "2"; APT::Archives::MaxSize "500"; Dir "/"; Dir::State "var/lib/apt/"; Dir::State::lists "lists/"; Dir::State::cdroms "cdroms.list"; Dir::State::userstatus "status.user"; Dir::State::status "/var/lib/dpkg/status"; Dir::Cache "var/cache/apt/"; Dir::Cache::archives "archives/"; Dir::Cache::srcpkgcache "srcpkgcache.bin"; Dir::Cache::pkgcache "pkgcache.bin"; Dir::Etc "etc/apt/"; Dir::Etc::sourcelist "sources.list"; Dir::Etc::sourceparts "sources.list.d"; Dir::Etc::vendorlist "vendors.list"; Dir::Etc::vendorparts "vendors.list.d"; Dir::Etc::main "apt.conf"; Dir::Etc::parts "apt.conf.d"; Dir::Etc::preferences "preferences"; Dir::Bin ""; Dir::Bin::methods "/usr/lib/apt/methods"; Dir::Bin::dpkg "/usr/bin/dpkg"; Dir::Log "var/log/apt"; Dir::Log::Terminal "term.log"; Acquire ""; Acquire::Pdiffs "false"; Acquire::ForceHash "sha256"; Unattended-Upgrade ""; Unattended-Upgrade::Allowed-Origins ""; Unattended-Upgrade::Allowed-Origins:: "Debian stable"; DPkg ""; DPkg::Pre-Install-Pkgs ""; DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true"; DPkg::Post-Invoke ""; DPkg::Post-Invoke:: "if [ -x /usr/bin/debsums ]; then /usr/bin/debsums --generate=nocheck -sp /var/cache/apt/archives; fi"; DPkg::Post-Invoke:: "if [ -d /var/lib/update-notifier ]; then touch /var/lib/update-notifier/dpkg-run-stamp; fi"; -- (no /etc/apt/preferences present) -- -- /etc/apt/sources.list -- deb cdrom:[Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1 20100131-18:53]/ lenny main deb http://security.debian.org/ lenny/updates main non-free deb http://ftp.de.debian.org/debian/ lenny main non-free contrib #deb http://ftp.de.debian.org/debian/ testing main non-free contrib #deb http://ftp.de.debian.org/debian/ experimental main non-free contrib deb-src http://ftp.de.debian.org/debian/ lenny main deb-src http://security.debian.org/ lenny/updates main deb http://volatile.debian.org/debian-volatile lenny/volatile main deb-src http://volatile.debian.org/debian-volatile lenny/volatile main -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages apt depends on: ii debian-archive-keyring 2009.01.31 GnuPG archive keys of the Debian a ii libc6 2.7-18lenny2 GNU C Library: Shared libraries ii libgcc1 1:4.3.2-1.1 GCC support library ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3 apt recommends no packages. Versions of packages apt suggests: pn apt-doc <none> (no description available) ii aptitude 0.4.11.11-1~lenny1 terminal-based package manager ii bzip2 1.0.5-1 high-quality block-sorting file co ii dpkg-dev 1.14.29 Debian package development tools ii lzma 4.43-14 Compression method of 7z format in ii python-apt 0.7.7.1+nmu1 Python interface to libapt-pkg ii synaptic 0.62.1+nmu1 Graphical package manager -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

