okaestne
commented
2 years ago We should not store the keys in /usr, but in /etc/apt/keyrings like recommended in man 8 apt-key
Closed Go-rom closed 1 year ago
okaestne
commented
2 years ago We should not store the keys in /usr, but in /etc/apt/keyrings like recommended in man 8 apt-key
clefebvre
commented
2 years ago This is fixed in mintsources 2.1.10. Please test and let me know if this is OK.
clefebvre
commented
2 years ago And here's 2.1.11, which fixes the PPA browser (the Open button in the PPA view).
Go-rom
commented
2 years ago Thank you @clefebvre for the fix.
Test is done, i've got one question : does it imply that we have to add manually the keys in /etc/apt/keyrings ?
Currently, it seems to be the case. I've got no problem with that, just to be sure about the expected behaviour.
VA1DER
commented
2 years ago We should not store the keys in
/usr, but in/etc/apt/keyringslike recommended inman 8 apt-key
apt-key is deprecated
This is fixed in...
I just tested the new version. What has changed? It still seems to use apt-key to manage signing keys, and they are still being stored in /etc/apt/trusted.gpg.
navid-zamani
commented
1 year ago PPAs are still completely broken in Mint. There is still no higher version available via automatic updates, than v2.1.9. No PPAs can be used, because the tools do not add the keys in the new way and so apt just ignores them.
Since Mint is by design generally quite outdated, PPAs are often necessary for normal work, and so this means Mint itself is currently broken for many users. So this is a rather … high-priority bug. I don’t understand why Mint is left to rot for literal months.
What can we users do to get a working version into the official repositories no that a simple update fixes it?
I get this every time I update:
W:http://ppa.launchpad.net/cappelikan/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details., W:An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://oem.archive.canonical.com/updates focal-qemu InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F9FDA6BED73CDC22, W:http://security.ubuntu.com/ubuntu/dists/jammy-security/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details., W:Conflicting distribution: http://security.ubuntu.com/ubuntu jammy-security InRelease (expected jammy-security but got jammy), W:Skipping acquire of configured file 'restricted/binary-i386/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/binary-amd64/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/i18n/Translation-de' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/i18n/Translation-en' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/dep11/Components-amd64.yml' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/dep11/icons-48x48.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/dep11/icons-64x64.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/dep11/icons-64x64@2.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/dep11/icons-128x128.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/Contents-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/Contents-i386' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'restricted/cnf/Commands-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'restricted' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/binary-amd64/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/binary-i386/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/i18n/Translation-en' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/i18n/Translation-de' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/dep11/Components-amd64.yml' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/dep11/icons-48x48.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/dep11/icons-64x64.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/dep11/icons-64x64@2.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/dep11/icons-128x128.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/Contents-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/Contents-i386' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'universe/cnf/Commands-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'universe' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/binary-amd64/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/binary-i386/Packages' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/i18n/Translation-de' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/i18n/Translation-en' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/dep11/Components-amd64.yml' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/dep11/icons-48x48.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/dep11/icons-64x64.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/dep11/icons-64x64@2.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/dep11/icons-128x128.tar' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/Contents-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/Contents-i386' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:Skipping acquire of configured file 'multiverse/cnf/Commands-amd64' as repository 'http://security.ubuntu.com/ubuntu jammy-security InRelease' doesn't have the component 'multiverse' (component misspelt in sources.list?), W:http://ppa.launchpad.net/maarten-fonville/android-studio/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details., W:Failed to fetch http://oem.archive.canonical.com/updates/dists/focal-qemu/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F9FDA6BED73CDC22, W:Some index files failed to download. They have been ignored, or old ones used instead.
Go-rom
commented
1 year ago @navid-zamani I just upgraded to LM 21.1 and it works perfectly. Now when i add a new PPA, related key is correctly registered.
ABout the old PPAs before upgrade, i had to re-import them and delete the old ones.
Go-rom
commented
1 year ago IMHO, this issue can be closed.
Thank you @clefebvre and your team, such a pleasure to use Linux Mint on a daily basis :+1:
Hi
I would like to report a minor issue with Mintsources
As you already know i think, apt-key is deprecated and now each "apt update" triggers this kind of warning :
http://ppa.launchpad.net/libreoffice/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for detailsIn order to avoid these warnings, we have to manually do it the new way by adding the keys into dedicated keyrings and update sources.list entries like this :
The new way also implies to replace http://ppa.launchpad.net/ by https://ppa.launchpadcontent.net/ but i know that a ticket is already opened about this.
Problem is Mintsources extracts a part of the deb line to display a title for each entry and it's now messed up with the part between brackets. Here's a screenshot :
In the same way, manually replace lauchpad URL also causes a similar issue.