Closed reraikes closed 3 weeks ago
ln -s /usr/share/keyrings/raspbian-archive-keyring.gpg /etc/apt/trusted.gpg.d/raspbian-archive-keyring.gpg
rm /etc/apt/trusted.gpg
apt update
The fix works great, thanks!
ln -s /usr/share/keyrings/raspbian-archive-keyring.gpg /etc/apt/trusted.gpg.d/raspbian-archive-keyring.gpg rm /etc/apt/trusted.gpg
Closing since the issue is with the Raspbian repo. https://bugs.launchpad.net/raspbian
There is already a related bug report from 2020, as apt-key
has been deprecated much earlier. I'll refresh it, since now a 2nd warning appeared: https://bugs.launchpad.net/raspbian/+bug/1727874
However, AFAIK, Raspbian maintainers are volunteers, hence it might not be solved quickly, and it would be better to contribute the fix directly. Does anyone know whether Raspbian's own package code is hosted somewhere publicly?
The issue is in raspbian-archive-keyring
's postinst
maintainer script:
#! /bin/sh
# postinst script for raspbian-archive-keyring
set -e
case "$1" in
configure)
apt-key add /usr/share/keyrings/raspbian-archive-keyring.gpg > /dev/null
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0
apt-key add
is deprecated, and stores the key in the now additionally deprecated /etc/apt/trusted.gpg
. The command could replaced with above symlink generation instead, or the package could ship /etc/apt/trusted.gpg.d/raspbian-archive-keyring.gpg
directly, which is how debian-archive-keyring
does it, though in ASCII-armored format since Bookworm.
root@raspberrypi:~# apt update Hit:1 http://archive.raspberrypi.com/debian bookworm InRelease Hit:2 http://raspbian.raspberrypi.com/raspbian bookworm InRelease Reading package lists... Done Building dependency tree... Done Reading state information... Done All packages are up to date. W: http://raspbian.raspberrypi.com/raspbian/dists/bookworm/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.