apt-offline install does not accept custom public key path as in deb [signed-by=...] ... #232

Open
McTrk opened this issue Jun 4, 2024 · 1 comment

McTrk commented Jun 4, 2024

me@z620:~/devel/work/apt-offline$ sudo apt-offline set --update ud.sig
Gathering details needed for 'update' operation
me@z620:~/devel/work/apt-offline$ sudo apt-offline get ud.sig --bundle ud.zip

Fetching APT Data

Downloading http://packages.microsoft.com/repos/code/dists/stable/Release.gpg                                                             
http://packages.microsoft.com/repos/code/dists/stable/Release.gpg done                                                             
...
Downloading http://archive.ubuntu.com/ubuntu/dists/noble-backports/multiverse/cnf/Commands-all.xz                                                             
...
Downloading https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.gpg                                                             
https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.gpg done                                                             
...
Downloading https://pkgs.k8s.io/core:/stable:/v1.28/deb/Contents-all.xz                                                             
Downloading http://downloads.linux.hpe.com/SDR/repo/mcp/dists/noble/current/Release.gpg                                                             
...
Downloading https://download.docker.com/linux/ubuntu/dists/jammy/stable/cnf/Commands-all.xz                                                             
1061 / 1061 items: [##############################] 100.0% of 70 MiB
Downloaded data to /home/me/devel/work/apt-offline/ud.zip
me@z620:~/devel/work/apt-offline$ ls -l
total 71436
-rw-r--r-- 1 root root    57214 Jun  3 19:46 ud.sig
-rw-r--r-- 1 root root 73088713 Jun  3 19:49 ud.zip
me@z620:~/devel/work/apt-offline$ sudo apt-offline install ud.zip 
Proceeding with installation
gpgv: Signature made Fri 31 May 2024 07:38:25 AM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Fri 31 May 2024 07:38:25 AM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Mon 03 Jun 2024 06:51:30 PM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Mon 03 Jun 2024 06:51:30 PM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Thu 25 Apr 2024 11:11:21 AM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Thu 25 Apr 2024 11:11:21 AM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Tue 28 May 2024 10:07:10 AM EDT
gpgv:                using RSA key 7EA0A9C3F273FCD8
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/download.docker.com_linux_ubuntu_dists_jammy_InRelease bad signature.  Not syncing because in strict mode.
gpgv: Signature made Tue 28 May 2024 10:07:10 AM EDT
gpgv:                using RSA key 7EA0A9C3F273FCD8
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/download.docker.com_linux_ubuntu_dists_jammy_Release.gpg bad signature. Not syncing because in strict mode.
gpgv: Signature made Thu 09 May 2024 04:15:37 AM EDT
gpgv:                using RSA key 57446EFDE098E5C934B69C7DC208ADDE26C2B797
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/downloads.linux.hpe.com_SDR_repo_mcp_dists_noble_current_Release.gpg bad signature. Not syncing because in strict mode.
gpgv: Signature made Tue 18 Jul 2023 03:04:24 PM EDT
gpgv:                using RSA key C95B321B61E88C1809C4F759DDCAE044F796ECB0
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/nvidia.github.io_libnvidia-container_stable_ubuntu18.04_amd64_InRelease bad signature.  Not syncing because in strict mode.
gpgv: Signature made Thu 15 Apr 2021 11:01:52 PM EDT
gpgv:                using RSA key F9FDA6BED73CDC22
gpgv: Good signature from "Canonical Archive Automatic Signing Key <ftpmaster@canonical.com>"
gpgv: Signature made Mon 03 Jun 2024 11:42:39 AM EDT
gpgv:                using RSA key EB3E94ADBE1229CF
gpgv: Good signature from "Microsoft (Release signing) <gpgsecurity@microsoft.com>"
gpgv: Signature made Mon 03 Jun 2024 11:43:09 AM EDT
gpgv:                using RSA key EB3E94ADBE1229CF
gpgv: Good signature from "Microsoft (Release signing) <gpgsecurity@microsoft.com>"
gpgv: Signature made Mon 03 Jun 2024 04:55:25 AM EDT
gpgv:                using RSA key EB3E94ADBE1229CF
gpgv: Good signature from "Microsoft (Release signing) <gpgsecurity@microsoft.com>"
gpgv: Signature made Mon 03 Jun 2024 04:55:38 AM EDT
gpgv:                using RSA key EB3E94ADBE1229CF
gpgv: Good signature from "Microsoft (Release signing) <gpgsecurity@microsoft.com>"
gpgv: Signature made Tue 14 May 2024 06:01:40 PM EDT
gpgv:                using RSA key 234654DA9A296436
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/pkgs.k8s.io_core:_stable:_v1.28_deb_InRelease bad signature.  Not syncing because in strict mode.
gpgv: Signature made Tue 14 May 2024 06:01:40 PM EDT
gpgv:                using RSA key 234654DA9A296436
gpgv: Can't check signature: No public key
ERROR: /tmp/tmpbplh675u/pkgs.k8s.io_core:_stable:_v1.28_deb_Release.gpg bad signature. Not syncing because in strict mode.
gpgv: Signature made Mon 03 Jun 2024 04:18:18 PM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
gpgv: Signature made Mon 03 Jun 2024 04:18:18 PM EDT
gpgv:                using RSA key F6ECB3762474EDA9D21B7022871920D1991BC93C
gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>"
archive.ubuntu.com_ubuntu_dists_noble-backports_InRelease synced.
archive.ubuntu.com_ubuntu_dists_noble-backports_Release.gpg synced.
...
security.ubuntu.com_ubuntu_dists_noble-security_universe_source_Sources.xz synced.
security.ubuntu.com_ubuntu_dists_noble-security_universe_source_Sources.xz synced.
me@z620:~/devel/work/apt-offline$ 

Problem: Files downloaded from sources with the so-called "bad signature" (namely, those from download.docker.com, downloads.linux.hpe.com, nvidia.github.io, pkgs.k8s.io) have not been synced. These are sources with a custom signed-by field, such as deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /. Such custom-located signatures are recognized by apt-get:

me@z620:~/devel/work/apt-offline$ sudo apt-get update
Hit:2 https://packages.microsoft.com/ubuntu/22.04/prod jammy InRelease                                                                                                                       
Get:3 https://nvidia.github.io/libnvidia-container/stable/ubuntu18.04/amd64  InRelease [1,484 B]                                                                                             
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease                                                                                                                             
Hit:5 https://download.docker.com/linux/ubuntu jammy InRelease                                                                                                                               
Get:1 https://packages.microsoft.com/repos/code stable InRelease [3,590 B]                                                                                                                   
Hit:7 http://archive.ubuntu.com/ubuntu noble InRelease                                                                                                                                       
Hit:8 http://oem.archive.canonical.com/updates focal-qemu InRelease                                   
Hit:9 http://archive.ubuntu.com/ubuntu noble-updates InRelease                                        
Ign:10 http://downloads.linux.hpe.com/SDR/repo/mcp noble/current InRelease             
Hit:11 http://archive.ubuntu.com/ubuntu noble-backports InRelease                      
Hit:6 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb  InRelease
Hit:12 http://downloads.linux.hpe.com/SDR/repo/mcp noble/current Release         
Fetched 5,074 B in 1s (3,680 B/s)
Reading package lists... Done
N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'https://packages.microsoft.com/ubuntu/22.04/prod jammy InRelease' doesn't support architecture 'i386'
N: Skipping acquire of configured file 'stable/binary-i386/Packages' as repository 'https://download.docker.com/linux/ubuntu jammy InRelease' doesn't support architecture 'i386'
N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://packages.microsoft.com/repos/code stable InRelease' doesn't support architecture 'i386'
N: Missing Signed-By in the sources.list(5) entry for 'http://oem.archive.canonical.com/updates'
N: Missing Signed-By in the sources.list(5) entry for 'http://packages.microsoft.com/repos/code'
me@z620:~/devel/work/apt-offline$ 

Desired behavior should match the output from apt-get update, above.
Version detail:

me@z620:~/devel/work/apt-offline$ apt-offline -v
1.8.5
me@z620:~/devel/work/apt-offline$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 24.04 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo
me@z620:~/devel/work/apt-offline$ 
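
Added example, not part of the issue or of apt-offline's code (and not the change in 8cd98be): one way to pick each repository's own signed-by keyring for its Release signature and pass it to gpgv with --keyring. It assumes one-line-style sources.list entries and absolute keyring paths; the function names and the Docker keyring path in the sample are hypothetical.

```python
import re
from urllib.parse import urlsplit

# One-line-style sources.list entry: type, optional [options], URI, suite.
ENTRY = re.compile(r"^(deb|deb-src)\s+(?:\[(?P<opts>[^\]]*)\]\s+)?(?P<uri>\S+)\s+(?P<suite>\S+)")

def release_prefix(uri, suite):
    """Name apt gives the repository's Release files under /var/lib/apt/lists."""
    parts = urlsplit(uri)
    base = (parts.netloc + parts.path).rstrip("/")
    if suite.endswith("/"):              # flat repository: no dists/ directory
        base = "/".join(p for p in (base, suite.strip("/")) if p)
    else:
        base = f"{base}/dists/{suite}"
    return base.replace("/", "_")

def keyring_map(sources_text):
    """Map each Release-file prefix to the keyring path given in signed-by."""
    mapping = {}
    for line in sources_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        opts = dict(o.split("=", 1) for o in (m["opts"] or "").split() if "=" in o)
        signed_by = opts.get("signed-by", "")
        # Assumption: only absolute keyring paths are handled; fingerprints are skipped.
        if signed_by.startswith("/"):
            mapping[release_prefix(m["uri"], m["suite"])] = signed_by
    return mapping

def gpgv_command(list_file, mapping):
    """Build the gpgv argv for one signature file taken from the bundle."""
    for prefix, keyring in mapping.items():
        if list_file in (prefix + "_InRelease", prefix + "_Release.gpg"):
            cmd = ["gpgv", "--keyring", keyring, list_file]
            if list_file.endswith("_Release.gpg"):   # detached: signed data is Release
                cmd.append(prefix + "_Release")
            return cmd
    return None   # no repository-specific keyring; caller keeps its default keyrings

# Constructed sample; the first entry is the one quoted in the issue,
# the Docker keyring path is a placeholder.
SAMPLE = """\
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /
deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable
deb http://archive.ubuntu.com/ubuntu noble main
"""
```

Scoping the keyring to the repository that names it keeps a third-party key from vouching for any other archive's Release file. gpgv reads binary keyrings, so an ASCII-armored signed-by file would have to be dearmored first.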

rickysarraf (Owner) commented

This has just been fixed in master with 8cd98be.
Could you please test and report?
