Currently the DEB file is failing verification. It's been a while but based on my install scripts that I used, I'm fairly certain that the DEB file used to verify. The issue is that the DEB file itself is not being signed.
The solution is to add a step to the build process that runs something like:
Origin Signature check failed. This deb might not be signed.
Expected Behavior
I expect that there will be a message stating that the DEB file is valid.
System (please complete the following information):
Platform: Linux
Operating System: Ubuntu
Virtualization: N/A
Jellyfin Version: DEB file is 10.8.13
Jellyfin-FFmpeg Version: N/A
Hardware Acceleration: N/A
CPU & GPU Model: N/A
Additional Information:
It should also be straightforward to sign the .changes and .dsc files as well which would be useful for others. Although for my purposes I only really care about verifying the actual DEB that I'm going to install directly.
Describe The Bug
Currently the DEB file is failing verification. It's been a while but based on my install scripts that I used, I'm fairly certain that the DEB file used to verify. The issue is that the DEB file itself is not being signed.
The solution is to add a step to the build process that runs something like:
This will add a file to the DEB file that includes a signature.
Steps To Reproduce
/usr/share/debsig/keyrings/49023CD01DE21A7B/debsig.gpg
/etc/debsig/policies/49023CD01DE21A7B/debsig.pol
debsig-verify ./<jellyfin_deb_file>.deb
Example
debsig.pol
file:Actual Behavior
Message stating:
Expected Behavior
I expect that there will be a message stating that the DEB file is valid.
System (please complete the following information):
Additional Information:
It should also be straightforward to sign the
.changes
and.dsc
files as well which would be useful for others. Although for my purposes I only really care about verifying the actual DEB that I'm going to install directly.