Mailinglist Archive: opensuse (2700 mails)
| < Previous | Next > |
Re: [SLE] Synaptic and signatures
- From: Clayton <smaug42@xxxxxxxxx>
- Date: Fri, 8 Jul 2005 15:45:41 +0200
- Message-id: <e2996788050708064521afba4f@xxxxxxxxxxxxxx>
On 7/8/05, C. Brouerius van Nidek <constant@xxxxxxxxxxx> wrote:
> Know that it was a discussion on the list with a solution. I seem to use the
> latest Synaptic 0.57 for Suse (9.3) and thought that I would be able to steer
> clear of unsigned, corrupted, signatures and such.
> My system reports following after a big update:
>
> APT system reports:
> E: Error(s) while checking package signatures:
> 16 unsigned package(s)
> 59 package(s) with unknown signatures
> 0 package(s) with illegal/corrupted signatures
>
> Where should I insert what in order to get the packages installed?
> The check box " verify package signatures" is unchecked but does not seem to
> do its work.
The quickest way (although, not necessarily the recommended way) is
to su to root, and go to /etc/apt/apt.conf.d. Edit the file
gpg-checker.conf. Change the line that says:
GPG::Check true;
so that it reads:
GPG::Check false;
The gain in doing this is that you won't get that error anymore. The
risk is that you will no longer be doing any signature validation on
any RPMs that you install, and run the risk of installing unsigned and
thus unknown RPMs on your computer.
The "proper" way to get around this is to install the signature RPMs
from the package maintainers. You can get them off the gpdg
repositories.. in Synaptic, they should be under System/Packages, or
just search for rpmkey. Only issue is, I've found that this doesn't
give you 100% of the rpmkeys you need to avoid this error completely.
C.
> Know that it was a discussion on the list with a solution. I seem to use the
> latest Synaptic 0.57 for Suse (9.3) and thought that I would be able to steer
> clear of unsigned, corrupted, signatures and such.
> My system reports following after a big update:
>
> APT system reports:
> E: Error(s) while checking package signatures:
> 16 unsigned package(s)
> 59 package(s) with unknown signatures
> 0 package(s) with illegal/corrupted signatures
>
> Where should I insert what in order to get the packages installed?
> The check box " verify package signatures" is unchecked but does not seem to
> do its work.
The quickest way (although, not necessarily the recommended way) is
to su to root, and go to /etc/apt/apt.conf.d. Edit the file
gpg-checker.conf. Change the line that says:
GPG::Check true;
so that it reads:
GPG::Check false;
The gain in doing this is that you won't get that error anymore. The
risk is that you will no longer be doing any signature validation on
any RPMs that you install, and run the risk of installing unsigned and
thus unknown RPMs on your computer.
The "proper" way to get around this is to install the signature RPMs
from the package maintainers. You can get them off the gpdg
repositories.. in Synaptic, they should be under System/Packages, or
just search for rpmkey. Only issue is, I've found that this doesn't
give you 100% of the rpmkeys you need to avoid this error completely.
C.
| < Previous | Next > |