Re: Access to PPA's
On 4/7/21 2:06 PM, Gary L. Roach wrote: Hi all, Some of my most useful software is only available through Ubuntu PPA's . I can no longer access PPA's since Debian changed their security policies. When trying to access a PPA I get the following: The repository 'http://ppa.launchpad.net/elmer-csc-ubuntu/elmer-csc-ppa/ubuntu hirsute Release' does not have a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. The man page alludes to a couple of different ways to bypass the system but really sketchy about how to apply them. There is at least a half dozen files that could be involved. Further, there is a note that basically says that all of the methods will be discontinued in the future. This would essentially preclude the use of Ubuntu PPA's. The example given is for an elmer-csc package which is one of the most powerful opensource MultiPhysics analysis packages available. Could someone show me how to bypass this security lock. I have never tried this: https://wiki.debian.org/CreatePackageFromPPA in theory it is possible as others have said it might be better to use Ubuntu I usually have other systems on separate partitions/drives for those odd tasks Gary R.
Re: Access to PPA's
Gary L. Roach: > > Some of my most useful software is only available through Ubuntu PPA's . I > can no longer access PPA's since Debian changed their security policies. > When trying to access a PPA I get the following: > > The repository > 'http://ppa.launchpad.net/elmer-csc-ubuntu/elmer-csc-ppa/ubuntu hirsute > Release' does not have a Release file. > N: Updating from such a repository can't be done securely, and is therefore > disabled by default. > N: See apt-secure(8) manpage for repository creation and user configuration > details. > > > The man page alludes to a couple of different ways to bypass the system but > really sketchy about how to apply them. There is at least a half dozen files > that could be involved. I do not find that confusing or sketchy: | You can force all APT clients to raise only warnings by setting the | configuration option Acquire::AllowInsecureRepositories to true. | Individual repositories can also be allowed to be insecure via the | sources.list(5) option allow-insecure=yes. You can set Acquire::AllowInsecureRepositories in, for example, /etc/apt/apt-conf.d/local. This is a standard apt configuration mechanism, see apt.conf(5). For individual repositories you are referred to sources.list(5) which mentions this format: | deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] […] So you can just add allow-insecure=yes after the "deb" keyword (and the following whitespace) like so: deb [allow-insecure=yes] http://deb.debian.org/debian/ buster main Do you understand the implications of this? It basically means that apt will be unable to protect you from installing manipulated packages. Without a Release file, there is no crpytographic signature that could ensure that the packages you are installing contain what the PPA author intends them to contain. > Further, there is a note that basically says that > all of the methods will be discontinued in the future. This would > essentially preclude the use of Ubuntu PPA's. Using packages compiled for a different distribution is always a bad choice. I understand you are saying it is your only choice, but it is still bad and has a high chance of leading to problems. You might be better off using the targeted distribution instead. Not necessarily on bare metal, maybe a VM, a chroot or a container image serve your purposes better. J. -- There is no justice in road accidents. [Agree] [Disagree] <http://archive.slowlydownward.com/NODATA/data_enter2.html> signature.asc Description: PGP signature
Re: Access to PPA's
On 4/8/21 5:06 AM, Gary L. Roach wrote: Hi all, Some of my most useful software is only available through Ubuntu PPA's . I can no longer access PPA's since Debian changed their security policies. When trying to access a PPA I get the following: The repository 'http://ppa.launchpad.net/elmer-csc-ubuntu/elmer-csc-ppa/ubuntu hirsute Release' does not have a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. The man page alludes to a couple of different ways to bypass the system but really sketchy about how to apply them. There is at least a half dozen files that could be involved. Further, there is a note that basically says that all of the methods will be discontinued in the future. This would essentially preclude the use of Ubuntu PPA's. The example given is for an elmer-csc package which is one of the most powerful opensource MultiPhysics analysis packages available. Could someone show me how to bypass this security lock. Gary R. For long term solution, try asking Debian Science Team[1] for this package by sending Request for package / RFP from they source[2], I cc the Debian Science Team maintainer mailing list While waiting, instead of using PPA, how about try using it with docker or VM as I saw they said it also available to use on read me file [1] https://wiki.debian.org/DebianScience [2] https://git.launchpad.net/~elmer-csc-ubuntu/elmercsc/+git/elmer-github-devel/tree/ -- Email : Robbi Nespu PGP fingerprint : D311 B5FF EEE6 0BE8 9C91 FA9E 0C81 FA30 3B3A 80BA PGP key : https://keybase.io/robbinespu/pgp_keys.asc
Re: Access to PPA's
Gary L. Roach wrote: > Hi all, > > Some of my most useful software is only available through Ubuntu PPA's . I > can no longer access PPA's since Debian changed their security policies. > When trying to access a PPA I get the following: > > The repository > 'http://ppa.launchpad.net/elmer-csc-ubuntu/elmer-csc-ppa/ubuntu hirsute > Release' does not have a Release file. > N: Updating from such a repository can't be done securely, and is therefore > disabled by default. > N: See apt-secure(8) manpage for repository creation and user configuration > details. > > > The man page alludes to a couple of different ways to bypass the system but > really sketchy about how to apply them. There is at least a half dozen files > that could be involved. Further, there is a note that basically says that > all of the methods will be discontinued in the future. This would > essentially preclude the use of Ubuntu PPA's. The example given is for an > elmer-csc package which is one of the most powerful opensource MultiPhysics > analysis packages available. > > Could someone show me how to bypass this security lock. The obvious way is to change over to Ubuntu. https://wiki.debian.org/DontBreakDebian there's a bunch of useful advice there. -dsr-
Access to PPA's
Hi all, Some of my most useful software is only available through Ubuntu PPA's . I can no longer access PPA's since Debian changed their security policies. When trying to access a PPA I get the following: The repository 'http://ppa.launchpad.net/elmer-csc-ubuntu/elmer-csc-ppa/ubuntu hirsute Release' does not have a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. The man page alludes to a couple of different ways to bypass the system but really sketchy about how to apply them. There is at least a half dozen files that could be involved. Further, there is a note that basically says that all of the methods will be discontinued in the future. This would essentially preclude the use of Ubuntu PPA's. The example given is for an elmer-csc package which is one of the most powerful opensource MultiPhysics analysis packages available. Could someone show me how to bypass this security lock. Gary R.