Bug#679022: does not state domain of unauthenticated/unsigned packages
On 27 June 2012 00:11, Richard Betham rich...@betham.org.uk wrote: I have copied the directory trees /media/cdrom0/pool , and /media/cdrom0/dists to a new directory /wheezy/. I have altered /etc/apt/sources.list to: deb file:///wheezy/ wheezy contrib main I am testing debian-testing-i386-DVD-1.iso . A wheezy cd image here has no Release.gpg or InRelease files required for verification. If your image is similar and you do trust it, sources.list can be altered to indicate this: deb [ trusted=yes ] file:///wheezy/ wheezy contrib main I would like to know where unsigned-for packages are before I decide whether to install. Noted. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679022: does not state domain of unauthenticated/unsigned packages
Thank you very much for your e-mail. If only I had used: man sources.list and searched for 'trust', then I need not have troubled you. Very best regards Richard Betham On Wednesday 27 June 2012 08:26:16 Daniel Hartwig wrote: On 27 June 2012 00:11, Richard Betham rich...@betham.org.uk wrote: I have copied the directory trees /media/cdrom0/pool , and /media/cdrom0/dists to a new directory /wheezy/. I have altered /etc/apt/sources.list to: deb file:///wheezy/ wheezy contrib main I am testing debian-testing-i386-DVD-1.iso . A wheezy cd image here has no Release.gpg or InRelease files required for verification. If your image is similar and you do trust it, sources.list can be altered to indicate this: deb [ trusted=yes ] file:///wheezy/ wheezy contrib main I would like to know where unsigned-for packages are before I decide whether to install. Noted. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679022: does not state domain of unauthenticated/unsigned packages
I have copied the directory trees /media/cdrom0/pool , and /media/cdrom0/dists to a new directory /wheezy/. I have altered /etc/apt/sources.list to: deb file:///wheezy/ wheezy contrib main . Then I gave command : aptitude install ttf-dejavu . It gave the same result as before. It failed to state that these packages were in my machine. I would like to know where unsigned-for packages are before I decide whether to install. Best Regards Richard Betham On Tuesday 26 June 2012 03:08:34 Daniel Hartwig wrote: On 26 June 2012 01:43, Richard Betham rich...@betham.org.uk wrote: WARNING: untrusted versions of the following packages will be installed! I had edited the file /etc/apt/sources.list, its contents are: deb file:///media/cdrom0/ wheezy contrib main . Such sources should be configured by apt-cdrom(8); if you do so then you should not receive the warning. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679022: does not state domain of unauthenticated/unsigned packages
Package: aptitude Version: 0.6.7-1 I am testing debian-testing-i386-DVD-1.iso . I gave command: aptitude install ttf-dejavu . the response included The following NEW packages will be installed: ttf-dejavu ttf-dejavu-extra{a} 0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/3530 kB of archives. After unpacking 6795 kB will be used. Do you want to continue? [Y/n?] I responded Y It responded WARNING: untrusted versions of the following packages will be installed! It did not tell me where these packages would come from. I would like to know the domain names of the repositories, and possibly the dist names BEFORE I decide whether to proceed with the installation. In command-line mode, perhaps a list on domain names and 'dists' is best. In interactive mode, where aptitude displays a list of unsigned packages, perhaps it could show the domain name and 'dist' for each package. If the packages are on my hard disk drive, or on a CD-ROM in my computer, then I can make a decision. If the packages are elsewhere, accessible only over the Internet, then I require a digital signature. I had edited the file /etc/apt/sources.list, its contents are: debfile:///media/cdrom0/ wheezy contrib main . If people update their computers over Wi-Fi links, then the digital signature on the Release package is important. I have filed a bug report about this as a bug in package 'apt', Bug#678990 . However, if 'apt' is altered, then perhaps 'aptitude' should also be altered. Thank you very much for maintaining 'aptitude', I find it very useful. Best regards Richard Betham -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#679022: does not state domain of unauthenticated/unsigned packages
On 26 June 2012 01:43, Richard Betham rich...@betham.org.uk wrote: WARNING: untrusted versions of the following packages will be installed! I had edited the file /etc/apt/sources.list, its contents are: deb file:///media/cdrom0/ wheezy contrib main . Such sources should be configured by apt-cdrom(8); if you do so then you should not receive the warning. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org