Re: gpg errors NO_PUBKEY after aptitude update
Yes, that solution is more secure, as I think 02 окт. 2014 г. 1:08 пользователь Floris jkflo...@dds.nl написал: Op Wed, 01 Oct 2014 09:18:10 +0200 schreef Valery Mamonov valerymamo...@gmail.com: 2014-10-01 11:02 GMT+04:00 Ansgar Burchardt ans...@debian.org: severity 647001 important thanks Hi, Valery Mamonov valerymamo...@gmail.com writes: 2014-10-01 3:30 GMT+04:00 Ansgar Burchardt ans...@43-1.org: Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? After moving trusted.gpg from /etc/apt to /etc/apt/trusted.gpg.d all keys were missing. I have manually added keys, but after 'aptitude update' I've got same result - all keys not found. The size of new /etc/apt/trusted.gpg was 0 kb. The size of new /etc/apt/trusted.gpg.d/trusted.gpg was ~106 kb. Are you using apt from experimental? With apt_1.1~exp3 I could reproduce the issue: /etc/apt/trusted.gpg is not world-readable and apt now uses a _apt user for some tasks. So it cannot access the public keys for verification. Please try making the keyring world-readable (chmod a+r ...). Ansgar Yes, i'm using apt from experimental: LANG=C apt-cache policy apt apt: Installed: 1.1~exp3 Candidate: 1.0.9.1 Version table: *** 1.1~exp3 0 1110 http://mirror.yandex.ru/debian/ experimental/main amd64 Packages 1110 ftp://ftp.de.debian.org/debian/ experimental/main amd64 Packages 1110 ftp://mirror.mephi.ru/debian/ experimental/main amd64 Packages 1110 http://mirrors.kernel.org/debian/ experimental/main amd64 Packages 100 /var/lib/dpkg/status So I made /etc/apt/trusted.gpg world readable and my problem seemed to be solved. I also use the experimental version of apt, and solved the issue with: $ sudo setfacl -m u:_apt:r trusted.gpg I'm not sure, but I think it is a little saver solution. Only the _apt user is allowed to read the file, but correct me if I am wrong. Thanks Ansgar for pointing to a solution, floris
Re: gpg errors NO_PUBKEY after aptitude update
severity 647001 important thanks Hi, Valery Mamonov valerymamo...@gmail.com writes: 2014-10-01 3:30 GMT+04:00 Ansgar Burchardt ans...@43-1.org: Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? After moving trusted.gpg from /etc/apt to /etc/apt/trusted.gpg.d all keys were missing. I have manually added keys, but after 'aptitude update' I've got same result - all keys not found. The size of new /etc/apt/trusted.gpg was 0 kb. The size of new /etc/apt/trusted.gpg.d/trusted.gpg was ~106 kb. Are you using apt from experimental? With apt_1.1~exp3 I could reproduce the issue: /etc/apt/trusted.gpg is not world-readable and apt now uses a _apt user for some tasks. So it cannot access the public keys for verification. Please try making the keyring world-readable (chmod a+r ...). Ansgar -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87h9zotgpt@deep-thought.43-1.org
Re: gpg errors NO_PUBKEY after aptitude update
2014-10-01 11:02 GMT+04:00 Ansgar Burchardt ans...@debian.org: severity 647001 important thanks Hi, Valery Mamonov valerymamo...@gmail.com writes: 2014-10-01 3:30 GMT+04:00 Ansgar Burchardt ans...@43-1.org: Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? After moving trusted.gpg from /etc/apt to /etc/apt/trusted.gpg.d all keys were missing. I have manually added keys, but after 'aptitude update' I've got same result - all keys not found. The size of new /etc/apt/trusted.gpg was 0 kb. The size of new /etc/apt/trusted.gpg.d/trusted.gpg was ~106 kb. Are you using apt from experimental? With apt_1.1~exp3 I could reproduce the issue: /etc/apt/trusted.gpg is not world-readable and apt now uses a _apt user for some tasks. So it cannot access the public keys for verification. Please try making the keyring world-readable (chmod a+r ...). Ansgar -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87h9zotgpt@deep-thought.43-1.org Yes, i'm using apt from experimental: LANG=C apt-cache policy apt apt: Installed: 1.1~exp3 Candidate: 1.0.9.1 Version table: *** 1.1~exp3 0 1110 http://mirror.yandex.ru/debian/ experimental/main amd64 Packages 1110 ftp://ftp.de.debian.org/debian/ experimental/main amd64 Packages 1110 ftp://mirror.mephi.ru/debian/ experimental/main amd64 Packages 1110 http://mirrors.kernel.org/debian/ experimental/main amd64 Packages 100 /var/lib/dpkg/status So I made /etc/apt/trusted.gpg world readable and my problem seemed to be solved. -- Best regards, Valery Mamonov.
Re: gpg errors NO_PUBKEY after aptitude update
Op Wed, 01 Oct 2014 09:18:10 +0200 schreef Valery Mamonov valerymamo...@gmail.com: 2014-10-01 11:02 GMT+04:00 Ansgar Burchardt ans...@debian.org: severity 647001 important thanks Hi, Valery Mamonov valerymamo...@gmail.com writes: 2014-10-01 3:30 GMT+04:00 Ansgar Burchardt ans...@43-1.org: Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? After moving trusted.gpg from /etc/apt to /etc/apt/trusted.gpg.d all keys were missing. I have manually added keys, but after 'aptitude update' I've got same result - all keys not found. The size of new /etc/apt/trusted.gpg was 0 kb. The size of new /etc/apt/trusted.gpg.d/trusted.gpg was ~106 kb. Are you using apt from experimental? With apt_1.1~exp3 I could reproduce the issue: /etc/apt/trusted.gpg is not world-readable and apt now uses a _apt user for some tasks. So it cannot access the public keys for verification. Please try making the keyring world-readable (chmod a+r ...). Ansgar Yes, i'm using apt from experimental: LANG=C apt-cache policy apt apt: Installed: 1.1~exp3 Candidate: 1.0.9.1 Version table: *** 1.1~exp3 0 1110 http://mirror.yandex.ru/debian/ experimental/main amd64 Packages 1110 ftp://ftp.de.debian.org/debian/ experimental/main amd64 Packages 1110 ftp://mirror.mephi.ru/debian/ experimental/main amd64 Packages 1110 http://mirrors.kernel.org/debian/ experimental/main amd64 Packages 100 /var/lib/dpkg/status So I made /etc/apt/trusted.gpg world readable and my problem seemed to be solved. I also use the experimental version of apt, and solved the issue with: $ sudo setfacl -m u:_apt:r trusted.gpg I'm not sure, but I think it is a little saver solution. Only the _apt user is allowed to read the file, but correct me if I am wrong. Thanks Ansgar for pointing to a solution, floris
Re: gpg errors NO_PUBKEY after aptitude update
2014-09-27 18:10 GMT+04:00 Valery Mamonov valerymamo...@gmail.com: NO_PUBKEY 54422A4B98AB5139 removing contents of /etc/apt/trusted.gpg.d/*.gpg, /etc/apt/trusted.gpg and manual adding missing keys didn't work. Only third-party repositories are affected. -- Best regards, Valery Mamonov.
Re: gpg errors NO_PUBKEY after aptitude update
On Tuesday 30 September 2014 11:14:52 Valery Mamonov wrote: Only third-party repositories are affected. You have added the third party keys? Lisi -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/201409301124.28411.lisi.re...@gmail.com
Re: gpg errors NO_PUBKEY after aptitude update
2014-09-30 14:24 GMT+04:00 Lisi Reisz lisi.re...@gmail.com: On Tuesday 30 September 2014 11:14:52 Valery Mamonov wrote: Only third-party repositories are affected. You have added the third party keys? Lisi -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/201409301124.28411.lisi.re...@gmail.com Yes, of course. For example: # gpg --recv-key 54422A4B98AB5139 gpg: requesting key 98AB5139 from hkp server keys.gnupg.net gpg: key 98AB5139: Oracle Corporation (VirtualBox archive signing key) i...@virtualbox.org not changed gpg: Total number processed: 1 gpg: unchanged: 1 # gpg -a --export 54422A4B98AB5139 | apt-key add - OK But nothing changed -- Best regards, Valery Mamonov.
Re: gpg errors NO_PUBKEY after aptitude update
Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 [...] However, all these keys are present: LANG=C apt-key list /etc/apt/trusted.gpg [...] pub 4096R/598C5C38 2012-07-15 uid Filip Chabik (Hadret) had...@gmail.com sub 4096R/630AB798 2012-07-15 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? Ansgar -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87tx3ofzz7@deep-thought.43-1.org
Re: gpg errors NO_PUBKEY after aptitude update
2014-10-01 3:30 GMT+04:00 Ansgar Burchardt ans...@43-1.org: Valery Mamonov valerymamo...@gmail.com writes: I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 [...] However, all these keys are present: LANG=C apt-key list /etc/apt/trusted.gpg [...] pub 4096R/598C5C38 2012-07-15 uid Filip Chabik (Hadret) had...@gmail.com sub 4096R/630AB798 2012-07-15 Hmm, all the keys APT complains about come from /etc/apt/trusted.gpg? What happens if you move them to a file in /etc/apt/trusted.gpg.d? Ansgar -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87tx3ofzz7@deep-thought.43-1.org After moving trusted.gpg from /etc/apt to /etc/apt/trusted.gpg.d all keys were missing. I have manually added keys, but after 'aptitude update' I've got same result - all keys not found. The size of new /etc/apt/trusted.gpg was 0 kb. The size of new /etc/apt/trusted.gpg.d/trusted.gpg was ~106 kb. -- Best regards, Valery Mamonov.
gpg errors NO_PUBKEY after aptitude update
Hi! I'm experiencing some troubles with updating my debian machine. After aptitude update i'm having multiple errors like these: W: GPG error: http://deb.ianod.es unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 W: GPG error: http://deb.ianod.es experimental InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 498F1DF0598C5C38 W: GPG error: http://repo.ajenti.org main InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY BDC3FBAA53029759 W: GPG error: http://download.tuxfamily.org unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1392A97E41317877 W: GPG error: http://liquorix.net sid InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3EFF4F272FB2CD80 W: GPG error: http://dicson.no-ip.info unstable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9A8B35945CFC0244 W: GPG error: http://www.duinsoft.nl debs InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E18CE6625CB26B26 W: GPG error: http://notesalexp.org sid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FE04CB66C536B44 W: GPG error: http://repo.acestream.org sid InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 50E2BCF0E3805CD8 W: GPG error: http://packages.siduction.org unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 15CBD88045C45076 W: GPG error: http://download.virtualbox.org wheezy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54422A4B98AB5139 W: GPG error: http://linux.dropbox.com sid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FC918B335044912E W: GPG error: http://dl.google.com stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991 W: GPG error: http://dl.google.com stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991 However, all these keys are present: LANG=C apt-key list /etc/apt/trusted.gpg pub 1024D/7FAC5991 2007-03-08 uid Google, Inc. Linux Package Signing Key linux-packages-keymas...@google.com sub 2048g/C07CB649 2007-03-08 pub 1024D/6DFBCBAE 2008-07-14 uid Sun Microsystems, Inc. (xVM VirtualBox archive signing key) i...@virtualbox.org sub 2048g/78A86EAF 2008-07-14 pub 1024D/0BF795DC 2009-03-20 [expired: 2010-03-20] uid Martin Alfke tux...@gmail.com uid Martin Alfke mar...@ppcnux.de pub 1024D/5CFC0244 2007-11-24 uid gcue2tracks-dev-keyring (gcue2tracks) fomi...@gmail.com uid Fomin Denis fomi...@mail.ru sub 1024g/FE875B4B 2007-11-24 pub 1024D/2FB2CD80 2009-05-11 uid Steven Barrett dame...@gmail.com sub 2048g/AF06A3FF 2009-05-11 pub 1024D/98AB5139 2010-05-18 uid Oracle Corporation (VirtualBox archive signing key) i...@virtualbox.org sub 2048g/281DDC4B 2010-05-18 pub 1024D/433E270B 2009-02-08 [expired: 2011-02-08] uid Filip Chabik (Hadret) had...@gmail.com pub 1024D/41317877 2008-04-27 uid Cairo-Dock Team (Cairo-Dock Official Repository) reposit...@glx-dock.org uid Cairo-Dock Team (Cairo-Dock Official Repository) reposit...@cairo-dock.org uid [jpeg image of size 1197] sub 2048g/00836283 2008-04-27 pub 3072D/6C536B44 2010-01-03 uid Alexander Pozdnyakov alm...@mail.ru sub 3072g/32C56745 2010-01-03 pub 4096R/EE903351 2011-01-23 uid Filip Chabik (Hadret) had...@gmail.com uid Filip Chabik (Hadret) fi...@chabik.com sub 4096R/2FC292BA 2011-01-23 pub 1024D/C4676186 2010-12-23 uid PlayOnLinux Packaging (PlayOnLinux packaging keys) packa...@playonlinux.com pub 2048R/5044912E 2010-02-11 uid Dropbox Automatic Signing Key li...@dropbox.com pub 2048R/53029759 2011-06-12 uid Eugeny Pankov e...@ajenti.org uid Ajenti Packagers e...@ajenti.org sub 2048R/CBABA17C 2011-06-12 pub 1024D/B9FBE3CE 2011-01-22 uid Warren Woodford (MEPIS Maintainers) d...@mepis.org sub 1024g/5C010C44 2011-01-22 pub 2048R/22A63EF6 2011-04-08 uid Steve Clark stevecl...@gmx.com sub 2048R/FD92B23A 2011-04-08 pub 2048R/3E40B160 2011-04-09 uid Steve