[Bug 838299] Re: Installing debian-archive-keyring does not activate the Debian keyring

Dimitri John Ledkov launchpad at surgut.co.uk
Fri Apr 21 16:14:59 UTC 2017 

@ Daniel

No, they should not. Most of the time, debian-archive-keyring is not
installed to access debian repositories directly, but to have access to
/usr/share/keyrings/debian-archive-keyring.gpg to validate repositories
when debootstraping debian releases in schroots/containers/etc. For
example, mk-sbuild uses /usr/share/keyrings/debian-archive-keyring.gpg
to validate chroots when creating build environments for the Debian
releases.

The host system apt, should not be trusting debian repositories, as
installing debian binaries on ubuntu may result in broken and
incompatible sets of packages. (e.g. due to toolchain differences
packages may effectively have incompatible ABIs).

** Changed in: debian-archive-keyring (Ubuntu)
       Status: Fix Released => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/838299

Title:
  Installing debian-archive-keyring does not activate the Debian keyring

Status in apt package in Ubuntu:
  Invalid
Status in debian-archive-keyring package in Ubuntu:
  Won't Fix
Status in ubuntu-keyring package in Ubuntu:
  Invalid

Bug description:
  Installing the debian-archive-keyring package should add the
  appropriate keys to the apt keychain, but it does not.

  I have debugged this a while ago and if I remember correctly, it is
  caused by ubuntu-keyring interfering here.

  From what I can see /etc/apt/trusted.gpg.d/ should be a good place to
  put both the Debian and Ubuntu keyrings.

  I have added Debian's unstable and testing sources, and am getting the following error, although debian-archive-keyring is installed:
  Reading package lists... Done
  W: GPG error: http://ftp.de.debian.org unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA
  W: GPG error: http://ftp.de.debian.org testing InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: debian-archive-keyring 2010.08.28
  ProcVersionSignature: Ubuntu 2.6.38-11.48-generic-pae 2.6.38.8
  Uname: Linux 2.6.38-11-generic-pae i686
  Architecture: i386
  Date: Wed Aug 31 20:11:38 2011
  EcryptfsInUse: Yes
  InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release i386 (20110427.1)
  PackageArchitecture: all
  ProcEnviron:
   LANGUAGE=en_US:en
   PATH=(custom, user)
   LANG=en_US.UTF-8
   SHELL=/usr/bin/zsh
  SourcePackage: debian-archive-keyring
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/838299/+subscriptions

More information about the foundations-bugs mailing list