[Aptitude-devel] APT::Authentication and local sources

Daniel Burrows dburrows at debian.org
Wed Mar 12 04:42:48 UTC 2008

On Tue, Mar 11, 2008 at 04:42:53PM +0100, Sébastien NOBILI <sebnewsletter at free.fr> was heard to say:
> Le mardi 11 mars 08 à  7:36, Daniel Burrows a écrit :
> |   There doesn't appear to be an equivalent for local sources.  One
> | could be written in about 5 minutes if you convince the apt development
> | team it should exist, but I don't know if there are security issues I'm
> | not thinking of that led them to leave it out.
> | 
> |   The closest open bug I see is #316274, which sounds similar but would
> | be trickier to implement (or so I suspect).
> Thanks for the time you spent searching in the bug reports.
> I'll have a look to the code and try to write a patch before filling a
> bug report.

  In my copy of the code, the place that the new lines would need to be
added is debmetaindex.cc, line 183.

> |   This isn't the right place; it's a development list for one of the
> | front-ends to apt.  You should ask on debian-user at lists.debian.org or
> | on deity at lists.debian.org, or file a wishlist bug on apt (which will be
> | sent to deity@).
> I've searched for « apt » in the lists index, so I didn't find deity...

  "deity" was the original code-name for apt.  I think it was also
supposed to be the actual program for which apt was just a backend, but
that never got off the ground.

> |   You could create your own signing key and use "apt-key add" to add it
> | to the trusted set.  There are instructions on signing an archive in
> | apt-secure(8).  That would make the errors go away without you having to
> | wait for the apt team to get around to looking at this.
> I've already thought about it, but I would need to modify the ISO
> images, which I do not want (I want to keep my ISOs as provided by the
> Debian project).

  Ah, right.  For some reason I skipped over that bit of your email.


More information about the Aptitude-devel mailing list