[Aptitude-devel] APT::Authentication and local sources
dburrows at debian.org
Wed Mar 12 04:42:48 UTC 2008
On Tue, Mar 11, 2008 at 04:42:53PM +0100, Sébastien NOBILI <sebnewsletter at free.fr> was heard to say:
> Le mardi 11 mars 08 à 7:36, Daniel Burrows a écrit :
> | There doesn't appear to be an equivalent for local sources. One
> | could be written in about 5 minutes if you convince the apt development
> | team it should exist, but I don't know if there are security issues I'm
> | not thinking of that led them to leave it out.
> | The closest open bug I see is #316274, which sounds similar but would
> | be trickier to implement (or so I suspect).
> Thanks for the time you spent searching in the bug reports.
> I'll have a look to the code and try to write a patch before filling a
> bug report.
In my copy of the code, the place that the new lines would need to be
added is debmetaindex.cc, line 183.
> | This isn't the right place; it's a development list for one of the
> | front-ends to apt. You should ask on debian-user at lists.debian.org or
> | on deity at lists.debian.org, or file a wishlist bug on apt (which will be
> | sent to deity@).
> I've searched for « apt » in the lists index, so I didn't find deity...
"deity" was the original code-name for apt. I think it was also
supposed to be the actual program for which apt was just a backend, but
that never got off the ground.
> | You could create your own signing key and use "apt-key add" to add it
> | to the trusted set. There are instructions on signing an archive in
> | apt-secure(8). That would make the errors go away without you having to
> | wait for the apt team to get around to looking at this.
> I've already thought about it, but I would need to modify the ISO
> images, which I do not want (I want to keep my ISOs as provided by the
> Debian project).
Ah, right. For some reason I skipped over that bit of your email.
More information about the Aptitude-devel