search

crowdsecurity / crowdsec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
https://crowdsec.net
MIT License
8.87k stars 459 forks source link

Debian 11 : apt error NO_PUBKEY on install #2002

Closed OcelotNat closed 1 year ago

OcelotNat commented 1 year ago

What happened?

Installing Crowdsec on a new installed Debian 11 : curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | bash -> No error apt update Réception de :5 https://packagecloud.io/crowdsec/crowdsec/debian bullseye InRelease [24,7 kB] Err :5 https://packagecloud.io/crowdsec/crowdsec/debian bullseye InRelease Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY 9EB2753BF09DFB77

What did you expect to happen?

An 'apt update' without error to be able to install crowdsec.

How can we reproduce it (as minimally and precisely as possible)?

Install a fresh Debian 11(.6) curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | bash apt update

Anything else we need to know?

solution : mv /etc/apt/keyrings/crowdsec_crowdsec-archive-keyring.gpg /usr/share/keyrings/

/etc/apt/sources.list.d/crowdsec_crowdsec.list : replace [signed-by=/etc/apt/keyrings/crowdsec_crowdsec-archive-keyring.gpg] with [signed-by=/usr/share/keyrings/crowdsec_crowdsec-archive-keyring.gpg]

apt update -> work

Crowdsec version

2023/01/18 17:45:42 version: v1.4.4-debian-pragmatic-8d0af73a4fb24ef8416e598d891c6e5e5501ede5 2023/01/18 17:45:42 Codename: alphaga 2023/01/18 17:45:42 BuildDate: 2023-01-05_10:38:38 2023/01/18 17:45:42 GoVersion: 1.19.2 2023/01/18 17:45:42 Platform: linux 2023/01/18 17:45:42 Constraint_parser: >= 1.0, <= 2.0 2023/01/18 17:45:42 Constraint_scenario: >= 1.0, < 3.0 2023/01/18 17:45:42 Constraint_api: v1 2023/01/18 17:45:42 Constraint_acquis: >= 1.0, < 2.0

OS version

```console # On Linux: $ cat /etc/os-release PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" NAME="Debian GNU/Linux" VERSION_ID="11" VERSION="11 (bullseye)" VERSION_CODENAME=bullseye ID=debian $ uname -a Linux [host] 5.10.0-20-amd64 #1 SMP Debian 5.10.158-2 (2022-12-13) x86_64 GNU/Linux

Enabled collections and parsers

No response

Acquisition config

No response

Config show

No response

Prometheus metrics

No response

Related custom configs versions (if applicable) : notification plugins, custom scenarios, parsers etc.

No response

github-actions[bot] commented 1 year ago

@OcelotNat: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.
LaurenceJJones commented 1 year ago

Tried to replicate via digital ocean debian 11

root@debian-s-1vcpu-1gb-intel-lon1-01:~# uname -a
Linux debian-s-1vcpu-1gb-intel-lon1-01 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux
root@debian-s-1vcpu-1gb-intel-lon1-01:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 11 (bullseye)
Release:        11
Codename:       bullseye
root@debian-s-1vcpu-1gb-intel-lon1-01:~# curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | bash
Detected operating system as debian/bullseye.
Checking for curl...
Detected curl...
Checking for gpg...
Detected gpg...
Detected apt version as 2.2.4
Running apt-get update... done.
Installing debian-archive-keyring which is needed for installing 
apt-transport-https on many Debian systems.
Installing apt-transport-https... done.
Installing /etc/apt/sources.list.d/crowdsec_crowdsec.list...done.
Importing packagecloud gpg key... Packagecloud gpg key imported to /etc/apt/keyrings/crowdsec_crowdsec-archive-keyring.gpg
done.
Running apt-get update... done.

The repository is setup! You can now install packages.
root@debian-s-1vcpu-1gb-intel-lon1-01:~#

Might be proxmox image does not ship with a package the install script needs

OcelotNat commented 1 year ago

LaurenceJJones really sorry for the waste of your time, i don't be able to reproduce the bug. It wasn't on a Proxmox install, but well a Debian (+ Proxmox-backup-client). I'll re-open the bug if I find how to reproduce the problem.