[Neurodebian-users] Question about nd_* tools

Yury V. Zaytsev yury at shurup.com
Sun May 6 15:20:55 UTC 2012 

On Sun, 2012-05-06 at 16:38 +0200, Hänel Nikolaus Valentin wrote:
> 
> Suggestions? 

Hi Valentin,

The core of the problem is that you are using Ubuntu as the pbuilder
host which means that by default it is set to use Ubuntu keyring when
creating the chroots, not the Debian one even if you have it installed.

So in order to solve your problem, you should find a way to force it to
pick the right keyring when creating chroots. If you were only to create
Debian chroots, then you could edit /etc/pbuilderrc to add the
following:

DEBOOTSTRAPOPTS=(
    '--variant=buildd'
    '--keyring' '/usr/share/keyrings/debian-archive-keyring.gpg'
    )

However, I am afraid that this will fix the creation of Debian chroots,
but break Ubuntu chroots.

What I personally use is the approach that is described here in more
details: https://wiki.ubuntu.com/PbuilderHowto . Basically, you create a
smart ~/.pbuilderrc which automates the selection of the right keyring
basing upon the DIST variable:

if $(echo ${DEBIAN_SUITES[@]} | grep -q $DIST); then 
# Debian configuration
    MIRRORSITE="http://$DEBIAN_MIRROR/debian/"
    COMPONENTS="main contrib non-free"
    DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/debian-archive-keyring.gpg")
elif $(echo ${UBUNTU_SUITES[@]} | grep -q $DIST); then
    # Ubuntu configuration
    MIRRORSITE="http://$UBUNTU_MIRROR/ubuntu/"
    COMPONENTS="main restricted universe multiverse"
    DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/ubuntu-archive-keyring.gpg")
else
    echo "Unknown distribution: $DIST"
    exit 1
fi

However, I don't know how this integrates with NeuroDebian tools, which
I have never tried. 

If you still can't get it to work, I can only suggest to remove the
keyring reference from DEBOOTSTRAPOPTS found in /etc/pbuilderrc
altogether, so that it just won't check the release signature as it used
to be the case in the past, but of course security implications are on
you...

-- 
Sincerely yours,
Yury V. Zaytsev

More information about the Neurodebian-users mailing list