[Piuparts-commits] [piuparts] 03/07: p: use '[ trusted=yes ]' for --testdebs-repo in sources.list
Holger Levsen
holger at moszumanska.debian.org
Fri Jul 3 09:37:45 UTC 2015
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to branch develop
in repository piuparts.
commit 873c9cd1b270cd857df9c78f1ef44d48664109d4
Author: Andreas Beckmann <anbe at debian.org>
Date: Tue Jun 30 19:32:54 2015 +0200
p: use '[ trusted=yes ]' for --testdebs-repo in sources.list
Signed-off-by: Andreas Beckmann <anbe at debian.org>
---
debian/changelog | 2 ++
piuparts.1.txt | 11 +++++++----
piuparts.py | 4 ++--
3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 4dd0eb9..227f253 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ piuparts (0.65) UNRELEASED; urgency=medium
[ Andreas Beckmann ]
* piuparts.py:
- Ensure /etc/mtab exists in the chroot.
+ - Create sources.list entries for --testdebs-repo with '[ trusted=yes ]'
+ to avoid needing --do-not-verify-signatures which would act globally.
* scripts/post_distupgrade_exceptions:
- Fix the /etc/nsswitch.conf wheezy -> jessie upgrade handling.
* Add bug template for wheezy -> jessie -> stretch upgrades.
diff --git a/piuparts.1.txt b/piuparts.1.txt
index 4238569..c9eb995 100644
--- a/piuparts.1.txt
+++ b/piuparts.1.txt
@@ -221,10 +221,10 @@ Note that file: addresses works if the directories are made accessible from with
*--testdebs-repo*='deb-line'::
Provide an additional line to be appended to sources.list, e.g.
- 'deb <URL> <distrib> <components>' or
- 'deb file:// </bind/mount> ./'
- If only an URL or local path is given as argument, "deb", "file://", and
- "./" will be prepended/appended as needed.
+ 'deb [ trusted=yes ] <URL> <distrib> <components>' or
+ 'deb [ trusted=yes ] file:// </bind/mount> ./'
+ If only an URL or local path is given as argument, "deb [ trusted=yes ]",
+ "file://", and "./" will be prepended/appended as needed.
The "testdebs" repository provides the packages to be tested (and some
additional dependencies, if needed, e.g. all packages built from the same
source package as the (binary) package being tested) and can be used for
@@ -233,6 +233,9 @@ Note that file: addresses works if the directories are made accessible from with
for installing the target packages. Dependency resolution will be done by
apt-get. The packages to be tested can be passed as .debs or as package
names (with '--apt').
+ The "trusted=yes" option causes this (and only this) repository to be
+ trustworthy even if the Packages file is not signed, such that a
+ (globally acting) '--do-not-verify-signatures' will not be needed.
*-t directory*, *--tmpdir*='directory'::
Use directory as the place where temporary files and directories are created. The default is the environment variable *TMPDIR*, or _/tmp_ if not set.
diff --git a/piuparts.py b/piuparts.py
index 3c96cf0..2aad3ee 100644
--- a/piuparts.py
+++ b/piuparts.py
@@ -897,9 +897,9 @@ class Chroot:
if settings.testdebs_repo.startswith("deb"):
debline = settings.testdebs_repo
elif settings.testdebs_repo.startswith("/"):
- debline = "deb file://%s ./" % settings.testdebs_repo
+ debline = "deb [ trusted=yes ] file://%s ./" % settings.testdebs_repo
else:
- debline = "deb %s ./" % settings.testdebs_repo
+ debline = "deb [ trusted=yes ] %s ./" % settings.testdebs_repo
logging.debug("enabling testdebs repository '%s'" % debline)
create_file(self.relative("etc/apt/sources.list.d/piuparts-testdebs-repo.list"), debline + "\n")
if update:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/piuparts/piuparts.git
More information about the Piuparts-commits
mailing list