Opened 2 years ago
Closed 2 years ago
#2044 closed defect (fixed)
i2p-keyring on debian stable/stretch not working
Reported by: | Eche|on | Owned by: | zzz |
---|---|---|---|
Priority: | major | Milestone: | 0.9.32 |
Component: | package/debian | Version: | 0.9.31 |
Keywords: | Cc: | ||
Parent Tickets: | Sensitive: | no |
Description
hi
dpkg -i i2p-keyring_2017.09.18_all.deb
Selecting previously unselected package i2p-keyring.
(Reading database … 338993 files and directories currently installed.)
Preparing to unpack i2p-keyring_2017.09.18_all.deb …
Unpacking i2p-keyring (2017.09.18) …
Setting up i2p-keyring (2017.09.18) …
Adding/refreshing keys:
67ECE5605BCF1346 1381446626 [ expires 1539458811 ]
… Warning: apt-key should not be used in scripts (called from postinst maintainerscript of the package i2p-keyring)
gpg: no valid OpenPGP data found.
dpkg: error processing package i2p-keyring (—install):
subprocess installed post-installation script returned error exit status 2
Errors were encountered while processing:
i2p-keyring
Subtickets
Change History (5)
comment:1 Changed 2 years ago by
Milestone: | undecided → 0.9.32 |
---|---|
Status: | new → accepted |
comment:2 Changed 2 years ago by
This appears to be caused by a change in apt-key, or, rather, a change in gpg that apt-key doesn't support.
man apt-key:
SUPPORTED KEYRING FILES
apt-key supports only the binary OpenPGP format (also known as "GPG key public ring") in files with the
"gpg" extension, not the keybox database format introduced in newer gpg(1) versions as default for
keyring files. Binary keyring files intended to be used with any apt version should therefore always be
created with gpg —export.
Alternatively, if all systems which should be using the created keyring have at least apt version ≥ 1.4
installed, you can use the ASCII armored format with the "asc" extension instead which can be created
with gpg —armor —export.
comment:3 Changed 2 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
Broken by GPG changes, not by the 2017-09-18 i2p-keyring package. Fixed by changing the way the keys are imported in 2017-09-20 i2p-keyring package.
Advice further down in the apt-get manual says that keys should be stored directly in /etc/apt/trusted.gpg.d/ , and there's now a dkpg lint warning about using apt-key in scripts, but ignored all that and just fixed the import as the simplest way for now.
comment:4 Changed 2 years ago by
Resolution: | fixed |
---|---|
Status: | closed → reopened |
reopening, doesn't work on old stable with old gpg
comment:5 Changed 2 years ago by
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Fixed in version 2017-09-21 by using newer binary keyring format rather than old keybox format.
I don't know how I broke it but I need to fix it quick, old key expires 10/1.
I just updated the key and followed the instructions I left myself last year.
Thanks to val on IRC: