Open HomerThreepwood opened 1 year ago
Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey. Please be sure to review our Code of Conduct. Also, check out some of our community resources including:
There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar. If you have additional questions, email us at saltproject@vmware.com. We’re glad you’ve joined our community and look forward to doing awesome things with you!
@HomerThreepwood
I don't know why, but it didn't work before, and I got the same message as you had. Did some things through gpg
, and now it seems to work. I'm using Debian 12 for this container, and using the new apt sources config format:
root@4a4070412c4d:/etc/apt# cat sources.list.d/salt.sources
Types: deb
URIs: https://repo.saltproject.io/salt/py3/debian/11/arm64/latest
Suites: bullseye
Components: main
Signed-By: /etc/apt/keyrings/salt-archive-keyring-2023.gpg
What I did:
# gpg --keyserver hkps://keys-openpgp.org --receive-keys 64CBBC8173D76B3F
# gpg --export --armor 64CBBC8173D76B3F > /etc/apt/keyrings/salt-archive-keyring-2023.pub
# gpg --export 64CBBC8173D76B3F > /etc/apt/keyrings/salt-archive-keyring-2023.gpg
The keys generated through this method were exactly the same as pulled from saltproject.io, so I guess somewhere in this method I must've fixed a typo I overlooked. I see - for my situation - no other reason why this would have worked. Everything seems the same.
Can you please add some details as to what the documentation problem is, including a title for the issue.
@HomerThreepwood , I agree with @OrangeDog : can you add some details around what the documentation problem is and what fix you'd like to see. It sounds like you were having some problems with your GPG keys on Debian.
Did you follow the steps to add the Salt GPG key to your repository? Is there anything about those steps that needs some clarification? For example, did you see the note on the Debian 11 install instructions:
The GPG key for the 3006.1 release is now named: SALT-PROJECT-GPG-PUBKEY-2023. You must import the new GPG key before upgrading or your upgrade will fail.
Can you tell me if you were upgrading or running a fresh install?
For some reason we had 0750 permissions on /etc/apt/keyrings folder, it took us hours of searching for solutions.
Following apt update error:
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 64CBBC8173D76B3F
So make sure you check permissions:
chmod 755 /etc/apt/keyrings
chmod 644 /etc/apt/keyrings/salt-archive-keyring-2023.gpg
For some reason we had 0750 permissions on /etc/apt/keyrings folder, it took us hours of searching for solutions.
Following apt update error:
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 64CBBC8173D76B3F
So make sure you check permissions:
chmod 755 /etc/apt/keyrings chmod 644 /etc/apt/keyrings/salt-archive-keyring-2023.gpg
This is the solution. It may be affected by some policy for hardening
silly me, also had this error (because I paranoidally set umask to 0077)
the solution for me was
umask 0022; curl -fsSL -o /etc/apt/keyrings/salt-archive-keyring-2023.gpg https://repo.saltproject.io/salt/py3/ubuntu/24.04/amd64/SALT-PROJECT-GPG-PUBKEY-2023.gpg
But it's not a foolproof solution to put in docs, user can have the same error if the parent directory has wrong permissions.
Maybe the solution for docs update would be:
signed-by
syntax
Description
Is there a step I am missing?
Type of documentation Salt Install Guide
Location or format of documentation https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/debian.html