search

blue-systems / netrunner-issues-old

Todos for Netrunner Desktop Releases
0 stars 0 forks source link

apt spits out warnings about trusted.gpg #139

Closed llelectronics closed 5 years ago

llelectronics commented 5 years ago 
W: http://dci.ds9.pub/netrunner/dists/netrunner-next/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.

W: http://snapshot.debian.org/archive/debian/20190101/dists/testing/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.

W: https://repo.skype.com/deb/dists/stable/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.

llelectronics commented 5 years ago

Can't reproduce on current live system. Strange

notuxius commented 5 years ago

Here it says that 'Software Sources' app may be the culprit https://lists.debian.org/debian-user/2018/02/msg00369.html Upstream Debian https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867681

llelectronics commented 5 years ago

Thanks very important finding. also for errata. it isn't a blocker for now as we ship the trusted keys in trusted.gpg.d folder and it only spits out warnings and no errors.

star-buck commented 5 years ago

this warning is crucial to get rid of though as it demonstrates a broken and potential dangerous system to any user even if they dont understand the implications. So while not being a technical blocker, it is absolutely a psychological blocker seeing something like this: screenshot_20181222_152519

star-buck commented 5 years ago

is this a viable workaround as suggested in one of the comments?

Deleting /etc/apt/trusted.gpg file and adding keys via apt-key workaroud the 
problem ...
star-buck commented 5 years ago

is this still correct/needed: screenshot_20181222_155021

llelectronics commented 5 years ago

Yes this is still correct and needed. Those are the keys working. The issue is that synaptic is broken. Whenever you open it it breaks the trusted.gpg file.

star-buck commented 5 years ago

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867681 The bug report has 2 entries and is from mid-2017, so i strongly disagree that this isnt solved as otherwise this would mean millions of affected users and no one ignoring such a severe visual break. This I didnt remember seeing any of these in last release 18.03 nor any of the ISOs in the beginning?

star-buck commented 5 years ago

"visually break", not functionality

llelectronics commented 5 years ago

That is the correct bug report for software-properties. I retested it with a clean install and as soon as I open software-properties-kde it creates the trusted.gpg file which is not readable by _apt and also if I make it readable by apt broken anyway. So the bug is still valid and not fixed yet. Not opening software-properties and you won't have that issue.

llelectronics commented 5 years ago

Update. I tested with the debs from Ubuntu which seem to be way newer and they fix the handling of trusted.gpg. So using those the issue does not happen. I created a new software-properties github repo on ds9-extras providing the sources from ubuntu. @shadeslayer if you update dci to grab this new repo so it can build software-properties from there we can get this fixed.

star-buck commented 5 years ago

Great.