For about six months I’ve been using a Raspberry Pi 3 as my desktop computer at home.
I’ve generated a new OpenPGP key, and I’m now using this new key.
See my migration message for details.
Anyway if you are using my repository and get the following error:
W: GPG error: http://silicone.homelinux.org unstable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 8B306538D00E52B6
All you have to do is to get the new key and import it to apt again.
The key is stored as before in siliconerepositorykey.asc and you can import it with:
sudo apt-key add siliconerepositorykey.asc
Now that Lenny is out, testing is moving again !
So I could upgrade my wordpress debian package to the testing version and get the 2.7.1 !
Note that my system is still running lenny (stable), this is using basic apt pinning, the more basic you can do is :
in /etc/apt/apt.conf (or in one file in /etc/apt/apt.conf.d)
- then add the tesing distrib in your source.list !
sudo aptitude update
and that’s it you can install some specific packages from testing.
However to use stable, testing and unstable you have to really do the pinning !
But for testing, unstable and experimental the above method with testing as default release will works. Just because experimental has NEVER automatic upgrade.
That was long, but here is my signed debian repository !
- Debian Repository HOWTO mostly describes trivial repository setup.
After some trial it appeared to me that trivial repositories cannot be signed (well at least will not be verified by atp)
- mini-dinstall does basically only trivial repository to.
- This article about Unofficial Debian repository describe a setup with debarchiver however this has special user, cronjob… it seamed quite complex to me
- Basically what I wanted was like a trivial repository but secured, and the solution was on the debian wiki, it first confirm that trivial repository are not compatible with apt-secure. And it give the solution:
Even with an “official archive”, you can create a much simpler archive than the real official one. This is explained in Debian Reference (lenny) using apt-ftparchive in apt-utils and dupload. All uploaded packages are located in a directory and no database server is needed. This may be good enough for people hosting a few packages.
Well this was good enough for me, also I’m currently not using dupload but I put the commands suggested as postupload in a script.
The update script, apt-ftparchive configuration and pgp public keys are on the root of the repository.
to use it:
#add in source.list deb http://silicone.homelinux.org/repository/ unstable main deb-src http://silicone.homelinux.org/repository/ unstable main #for gpg signature verification get siliconerepositorykey.asc # sudo apt-key add siliconerepositorykey.asc
The actual content of the repository is currently just one program: a hacked xrootconsole with ANSI color support, but this will be the subject of a next post