On Tue, Apr 20, 2010 at 07:15:39PM +0200, Andreas Miller wrote:
> Package: apt
> Version: 0.7.20.2+lenny1
> Severity: normal
Thanks for your bugreport.
> Hello,
>
> when I set APT::Authentication::TrustCDROM "false"; I can import the original
> cdrom with apt-cdrom add.
>
> If I try to import a signed CD-ROM I get the following error:
>
> # apt-cdrom add
[..]
> If I import an unsigned CD-ROM it is always imported.
> Why does apt-cdrom not prevent the import of an unsigned CD-ROMs?
I'm not entirely sure if I understand the bugreport correctly. So
please correct me if I got the report wrong :)
>From how I read it you want that
"APT::Authentication::TrustCDROM="true" allows apt-cdrom add to add a
cdrom even if the signature can be not verified? If so, here is a diff:
=== modified file 'apt-pkg/indexcopy.cc'
--- apt-pkg/indexcopy.cc 2010-01-08 21:28:49 +0000
+++ apt-pkg/indexcopy.cc 2010-05-07 12:35:49 +0000
@@ -591,7 +591,8 @@
string prefix = *I;
// a Release.gpg without a Release should never happen
- if(!FileExists(*I+"Release"))
+ if(!FileExists(*I+"Release") ||
+ _config->FindB("APT::Authentication::TrustCDROM", false) == true)
{
delete MetaIndex;
continue;
I think it does make sense to allow this and is in line with what the
switch is suppposed to do.
Cheers,
Michael
> Regards
> Andreas
>
> -- Package-specific info:
>
> -- apt-config dump --
>
> APT "";
> APT::Architecture "i386";
> APT::Build-Essential "";
> APT::Build-Essential:: "build-essential";
> APT::Install-Recommends "1";
> APT::Install-Suggests "0";
> APT::Acquire "";
> APT::Acquire::Translation "environment";
> APT::Authentication "";
> APT::Authentication::TrustCDROM "false";
> APT::NeverAutoRemove "";
> APT::NeverAutoRemove:: "^linux-image.*";
> APT::NeverAutoRemove:: "^linux-restricted-modules.*";
> APT::Cache-Limit "100000000";
> APT::Periodic "";
> APT::Periodic::Update-Package-Lists "1";
> APT::Periodic::Download-Upgradeable-Packages "0";
> APT::Periodic::AutocleanInterval "0";
> APT::Update "";
> APT::Update::Post-Invoke-Success "";
> APT::Update::Post-Invoke-Success:::: "touch
> /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true";
> APT::Archives "";
> APT::Archives::MaxAge "30";
> APT::Archives::MinAge "2";
> APT::Archives::MaxSize "500";
> Dir "/";
> Dir::State "var/lib/apt/";
> Dir::State::lists "lists/";
> Dir::State::cdroms "cdroms.list";
> Dir::State::userstatus "status.user";
> Dir::State::status "/var/lib/dpkg/status";
> Dir::Cache "var/cache/apt/";
> Dir::Cache::archives "archives/";
> Dir::Cache::srcpkgcache "srcpkgcache.bin";
> Dir::Cache::pkgcache "pkgcache.bin";
> Dir::Etc "etc/apt/";
> Dir::Etc::sourcelist "sources.list";
> Dir::Etc::sourceparts "sources.list.d";
> Dir::Etc::vendorlist "vendors.list";
> Dir::Etc::vendorparts "vendors.list.d";
> Dir::Etc::main "apt.conf";
> Dir::Etc::parts "apt.conf.d";
> Dir::Etc::preferences "preferences";
> Dir::Bin "";
> Dir::Bin::methods "/usr/lib/apt/methods";
> Dir::Bin::dpkg "/usr/bin/dpkg";
> Dir::Log "var/log/apt";
> Dir::Log::Terminal "term.log";
> Acquire "";
> Acquire::Pdiffs "false";
> Acquire::ForceHash "sha256";
> Unattended-Upgrade "";
> Unattended-Upgrade::Allowed-Origins "";
> Unattended-Upgrade::Allowed-Origins:: "Debian stable";
> DPkg "";
> DPkg::Pre-Install-Pkgs "";
> DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
> DPkg::Post-Invoke "";
> DPkg::Post-Invoke:: "if [ -x /usr/bin/debsums ]; then /usr/bin/debsums
> --generate=nocheck -sp /var/cache/apt/archives; fi";
> DPkg::Post-Invoke:: "if [ -d /var/lib/update-notifier ]; then touch
> /var/lib/update-notifier/dpkg-run-stamp; fi";
>
> -- (no /etc/apt/preferences present) --
>
>
> -- /etc/apt/sources.list --
>
> deb cdrom:[Debian GNU/Linux 5.0.4 _Lenny_ - Official i386 CD Binary-1
> 20100131-18:53]/ lenny main
> deb http://security.debian.org/ lenny/updates main non-free
> deb http://ftp.de.debian.org/debian/ lenny main non-free contrib
> #deb http://ftp.de.debian.org/debian/ testing main non-free contrib
> #deb http://ftp.de.debian.org/debian/ experimental main non-free contrib
> deb-src http://ftp.de.debian.org/debian/ lenny main
>
> deb-src http://security.debian.org/ lenny/updates main
>
> deb http://volatile.debian.org/debian-volatile lenny/volatile main
> deb-src http://volatile.debian.org/debian-volatile lenny/volatile main
>
>
>
>
>
>
>
>
>
> -- System Information:
> Debian Release: 5.0.4
> APT prefers stable
> APT policy: (500, 'stable')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages apt depends on:
> ii debian-archive-keyring 2009.01.31 GnuPG archive keys of the Debian
> a
> ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
> ii libgcc1 1:4.3.2-1.1 GCC support library
> ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3
>
> apt recommends no packages.
>
> Versions of packages apt suggests:
> pn apt-doc <none> (no description available)
> ii aptitude 0.4.11.11-1~lenny1 terminal-based package manager
> ii bzip2 1.0.5-1 high-quality block-sorting file
> co
> ii dpkg-dev 1.14.29 Debian package development tools
> ii lzma 4.43-14 Compression method of 7z format
> in
> ii python-apt 0.7.7.1+nmu1 Python interface to libapt-pkg
> ii synaptic 0.62.1+nmu1 Graphical package manager
>
> -- no debconf information
>
>
>
> --
> To UNSUBSCRIBE, email to deity-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: http://lists.debian.org/20100420171539.3312.67439.report...@ersatznb
>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
