checkaptgpg

Message
Author
User avatar
Jerry3904
Forum Veteran
Forum Veteran
Posts: 15590
Joined: Wed Jul 19, 2006 6:13 am

Re: checkaptgpg

#21 Postby Jerry3904 » Tue Apr 12, 2011 2:14 pm

Wondered if the gap plays a role, but no difference when I removed it and added a comment line above it.

Seems strange, since Synaptic picks up the repos and the lack of a key.

Maybe we should have a warning line in the output such as "Some repositories may not respond to checkaptgpg and will require manual intervention to acquire a key."
Production: 4.7.0-0.bpo.1-amd64, MX-15 RC1, AMD FX-4130 Quad-Core, GeForce GT 630/PCIe/SSE2, 8 GB, Kingston SSD 120 GB and WesternDigital 1TB
Testing: AAO 722: 3.16-0-4-686-pae. MX-15, AMD C-60 APU, 4 GB

User avatar
Jerry3904
Forum Veteran
Forum Veteran
Posts: 15590
Joined: Wed Jul 19, 2006 6:13 am

Re: checkaptgpg

#22 Postby Jerry3904 » Wed Apr 20, 2011 9:12 am

REQUEST: can the checkaptgpg script be modified to use alternative key sources when the first source does not find the key for a repo?

Explanation: I finally followed up on my two repos that did not come up in the checkaptgpg report, using the alternative key sources listed in the Wiki entry. I got the virtualbox key from subkeys.pgp.net, and the QGIS key from wwwkeys.pgp.net.

So I guess there are two questions: why doesn't the current script report that it found no keys for those two repos, and how can the script be modified to try other sources when the primary one is unsuccessful?
Production: 4.7.0-0.bpo.1-amd64, MX-15 RC1, AMD FX-4130 Quad-Core, GeForce GT 630/PCIe/SSE2, 8 GB, Kingston SSD 120 GB and WesternDigital 1TB
Testing: AAO 722: 3.16-0-4-686-pae. MX-15, AMD C-60 APU, 4 GB

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 6370
Age: 41
Joined: Wed Jul 12, 2006 1:42 am

Re: checkaptgpg

#23 Postby Adrian » Wed Apr 20, 2011 9:28 am

It shouldn't be too hard, you see this line:

Code: Select all

apt-key adv --keyserver $KEYSERVER --recv-key $GPGKEY


I think it can be modified to something like

Code: Select all

apt-key adv --keyserver $KEYSERVER --recv-key $GPGKEY || apt-key adv --keyserver $SECONDARYKEYSERVER --recv-key $GPGKEY


So, if the first one fails run the apt-key with a $SECONDARYKEYSERVER (which needs to be defined somewhere before this line)

However ideally would be to have a list of key servers and take the next on in the list and if it fails go to the next one and so on, but using a secondary server should probably be enough.

User avatar
kmathern
Forum Veteran
Forum Veteran
Posts: 9168
Age: 58
Joined: Wed Jul 12, 2006 2:26 pm

Re: checkaptgpg

#24 Postby kmathern » Wed Apr 20, 2011 9:57 am

Jerry3904 wrote:REQUEST: can the checkaptgpg script be modified to use alternative key sources when the first source does not find the key for a repo?

Explanation: I finally followed up on my two repos that did not come up in the checkaptgpg report, using the alternative key sources listed in the Wiki entry. I got the virtualbox key from subkeys.pgp.net, and the QGIS key from wwwkeys.pgp.net.

So I guess there are two questions: why doesn't the current script report that it found no keys for those two repos, and how can the script be modified to try other sources when the primary one is unsuccessful?
I have some changes to checkaptgpg that I've been sitting on. {kind of got sidetracked by the plymouth theme stuff}.

One change I made was to try to download and install the key up to five times, each time from a different keyserver.

I also made some other changes that eliminate most of the "No GPG Release signature found." messages that the script puts out.

With the changes I'm able to retrieve a higher percentage of keys than before. For instance it now will get the keys for that QGIS repo and for Opera. It's also able to retrieve keys for Virtualbox, dl.google.com (for Chrome, Googleearth, Google Talk Plugin), Warren's repo, etc.

I still had some keys I needed to install manually, linux.wuertz.org (an aptosid repo) and a repo I use for my samsung printer driver.

I'll try to post an updated checkaptgpg package later today.

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 6370
Age: 41
Joined: Wed Jul 12, 2006 1:42 am

Re: checkaptgpg

#25 Postby Adrian » Wed Apr 20, 2011 11:24 am

kmathern, can you please push the changes on Github repo? And just post the link it that?

User avatar
kmathern
Forum Veteran
Forum Veteran
Posts: 9168
Age: 58
Joined: Wed Jul 12, 2006 2:26 pm

Re: checkaptgpg

#26 Postby kmathern » Wed Apr 20, 2011 11:33 am

Adrian wrote:kmathern, can you please push the changes on Github repo? And just post the link it that?

I will if I can figure out how to use Github.

If I do use Github won't just the source changes end up there, not the resulting package?

User avatar
Jerry3904
Forum Veteran
Forum Veteran
Posts: 15590
Joined: Wed Jul 19, 2006 6:13 am

Re: checkaptgpg

#27 Postby Jerry3904 » Wed Apr 20, 2011 12:00 pm

You would start by doing the steps here: http://www.mepis.org/docs/en/index.php? ... om_Account

Then you would run:

Code: Select all

git clone git@github.com:MEPIS-Community/checkaptgpg.git
to download the current version (April 12)

Then follow these steps in editing: http://www.mepis.org/docs/en/index.php? ... ub#Editing

Both revision history and current version download are available on the project page: https://github.com/MEPIS-Community/checkaptgpg
Production: 4.7.0-0.bpo.1-amd64, MX-15 RC1, AMD FX-4130 Quad-Core, GeForce GT 630/PCIe/SSE2, 8 GB, Kingston SSD 120 GB and WesternDigital 1TB
Testing: AAO 722: 3.16-0-4-686-pae. MX-15, AMD C-60 APU, 4 GB

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 6370
Age: 41
Joined: Wed Jul 12, 2006 1:42 am

Re: checkaptgpg

#28 Postby Adrian » Wed Apr 20, 2011 12:39 pm

It's only the source there, not the resulting binary. Let me or Jerry know if you have question (you probably will) and we'll be happy to help. In my opinion it's better to get all these tools on Github, it's easier to follow changes.

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 6370
Age: 41
Joined: Wed Jul 12, 2006 1:42 am

Re: checkaptgpg

#29 Postby Adrian » Fri Apr 22, 2011 9:47 am

Kent pushed the changes to checkaptgpg, we just need to make sure that whoever packages for community repo (Stevo?) follows the Github repo: https://github.com/MEPIS-Community/checkaptgpg

You can get the source without having a ssh key set up on Github with this command

Code: Select all

git clone git://github.com/MEPIS-Community/checkaptgpg.git
(this is only read only, you'll not be able to push, for that you need to set up ssh key on Github). That's only first time, then you can use

Code: Select all

git pull
to get changes.

User avatar
kmathern
Forum Veteran
Forum Veteran
Posts: 9168
Age: 58
Joined: Wed Jul 12, 2006 2:26 pm

Re: checkaptgpg

#30 Postby kmathern » Fri Apr 22, 2011 10:02 am

Adrian wrote:Kent pushed the changes to checkaptgpg, we just need to make sure that whoever packages for community repo (Stevo?) follows the Github repo: https://github.com/MEPIS-Community/checkaptgpg

You can get the source without having a ssh key set up on Github with this command

Code: Select all

git clone git://github.com/MEPIS-Community/checkaptgpg.git
(this is only read only, you'll not be able to push, for that you need to set up ssh key on Github). That's only first time, then you can use

Code: Select all

git pull
to get changes.

What I 'pushed' were actually changes for a package I posted last week. Those changes were labeled 'mcr110+2' to match the checkaptgpg_0.1mcr110+2_all.deb package from post # viewtopic.php?p=268990#p268990).

I did it mainly as a exercise in learning how to use Github and to get those changes on record & included in checkatpgpg.

I haven't yet 'pushed' the changes I mentioned a day or two ago.


Return to “Betas-RC's only”

Who is online

Users browsing this forum: No registered users and 2 guests