On Thu, Dec 30, 2010 at 06:21:31PM +0100, Cyril Brulebois wrote: > Roger Leigh <rle...@codelibre.net> (29/12/2010): > > This is a one-time only event. Once the key is generated (which you > > can do with "sbuild-update -k" on another system or outside a > > package build at your leisure) the same key will be used for all > > subsequent builds. > > One-time.. per host? Or per chroot?
Per host. It's stored in /var/lib/sbuild/apt-keys . > > The current strategy is to allow you to generate your own key and > > put it in place. If you haven't done that, it will autogenerate one > > the first time it's needed. For buildds, you'll probably want to > > generate one elsewhere and copy it cover. Note this is in the > > release notes (NEWS.gz) for release 0.60.6. > > Which apt-listchanges doesn't show, so.. It's in the upstream changelog and NEWS. > > If you have any thoughts on how we can do this better, that would be > > great. apt and aptitude want the local archive signing, so we do it > > for that. If using the "internal" resolver, no key is needed. > > Since you changed the default (which is another story, sigh), I'm not > using the internal resolver anymore. As mentioned on IRC, the default has *not* been changed. Also, as discussed on IRC, we will solve this by bailing out with an error when the key is absent. This will require the user to generate a key. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
signature.asc
Description: Digital signature