-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2017-03-17 14:10, Unman wrote:
> On Fri, Mar 17, 2017 at 10:49:04AM -0700, cooloutac wrote:
>> On Friday, March 17, 2017 at 1:48:27 PM UTC-4, cooloutac wrote:
>>> On Friday, March 17, 2017 at 1:17:10 PM UTC-4, Unman wrote:
>>>> On Fri, Mar 17, 2017 at 04:38:17PM +0000, faber wrote:
>>>>> I have a Debian-9 StandaloneVM that I recently am unable to start it.
>>>>> The only thing I've done, before getting stuck there, was removing
>>>>> libreoffice (all packages), jack, mutt and icedove, nothing special.
>>>>>
>>>>> logs from /var/log/xen/console/guest-dev.log:
>>>>>
>>>>> https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g
>>>>>
>>>>>
>>>>> If you need anything else, please let me know!
>>>>
>>>> If you start it using qvm-start what error do you see?
>>>> Once you have started it can you attah to the console from dom0 using
>>>> (as root) xl console <name> ?
>>>
>>> ya and if you can do that check apt log.  I kill my debian system all the 
>>> time removing or installing packages.  I blindly click yes and don't 
>>> realize its asking me if it can kill my system by removing desktop haha.
>>>
>>> after reading about how when updating a template you could accidentally 
>>> click yes to a not verified key I had to tell my family to make sure they 
>>> read for that specific thing especially before hitting y. (this has nothing 
>>> to do with your issue sorry)
>>
>> and when that happens you just keep trying till it gets a valid key.
>>
> 
> I hope this was a joke.
> I have no sense of humour - do NOT do this.
> It's a common situation and you will find many answers with a simple
> search.
> 

I'm unclear about the disagreement here. I understood cooloutac as saying:

Sometimes, apt-get may download a package with an invalid signature.
In that case, you should not install the invalidly signed package.
Instead, you should re-download the package (and let apt-get re-check
the signature), e.g., after a period of time, from a different server,
or via a different connection, until you get a validly signed package,
and only then proceed with installing that package.

If that's what cooloutac meant, then I'm not sure I see the problem
with that approach. Isn't that what we *should* do in that situation?

P.S. - Let's keep the discussion civil and productive, please.

- -- 
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYzcRHAAoJENtN07w5UDAwv38P/idMKPQlh+1hqJmlPwQJJHVq
TjXSUJnS3AL2kX9WGmAbID1cPl3SxHG8ElDWbU5CxnJ7CdgffIV4CRqBcxo/z75H
6ggMHBKQuZXTUzKTU8IObHwy2A2wTo6RYNYsVO93GFiPsRGQnrXOYxcQ2jFhvZsM
Hsih4Eg60Rbv/pbagWcooVfKDhMrqMHR+tnBBJzcXEwwgqVl2vhCcvzeL/ZeYfAN
Z1nCenv42AQ601hKIDkD8+CgbXzCxAPtQQ7vXHAYq9W8UL/nWRzSbT3L5ih2Z7JW
NUoNJ3NmMXPj11uf7EnZb+NY1mA70njdCQ0HdxiXB6iAZVQ8fJ0Fz6juyFie6RyP
murVctv1Btgz6FR5clKfS9tIFxZJ2bTtPtFNTeiOZInDqIyJLr662Ji/i8Qql6b2
aTfk0PxSWiDhXeyyBy6NuCckDRvUWyb0FNXJBLNUTzNR8zAuAuR+/jnwTdT+Q/YY
v9Ja6LoqH3s7nfluxi4Zm4TInd/I7XkehYdikm+O4D9re4haoPJkYGfiMzc+g6qH
vDMbGWttj7Tc0wQbmItbb31Nr1/R13wAfST9XMXQS0pav9zOS6J3yOy0Lu8aiQyU
vcB2lP2cQon5capDrP8fatb4mEpRORdBwJ5tv+N2Tqq3tshzxaxJ6AhgzPDHUJmu
punfqhmLEuvp2TodREZT
=xrUX
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/79d67fad-7d94-dd2e-0a38-7df99697717e%40qubes-os.org.
For more options, visit https://groups.google.com/d/optout.

Reply via email to