即使有密钥,apt 也会对所有存储库说“无效签名”/“未签名”

即使有密钥,apt 也会对所有存储库说“无效签名”/“未签名”

执行此操作时apt update我收到以下错误消息

Err:1 http://at.archive.ubuntu.com/ubuntu xenial InRelease                                                                     
  At least one invalid signature was encountered.

W: GPG error: http://at.archive.ubuntu.com/ubuntu xenial InRelease: At least one invalid signature was encountered.
E: The repository 'http://at.archive.ubuntu.com/ubuntu xenial InRelease' is not signed.

N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

但密钥均已存在且有效(已使用 确认apt-key list)。还用于debsums确认所有主要包均正常。

/etc/apt/trusted.gpg
--------------------
pub   1024D/437D05B5 2004-09-12
uid                  Ubuntu Archive Automatic Signing Key <[email protected]>
sub   2048g/79164387 2004-09-12

pub   1024D/FBB75451 2004-12-30
uid                  Ubuntu CD Image Automatic Signing Key <[email protected]>

pub   4096R/C0B21F32 2012-05-11
uid                  Ubuntu Archive Automatic Signing Key (2012) <[email protected]>

pub   4096R/EFE21092 2012-05-11
uid                  Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>

pub   1024D/3E5C1192 2010-09-20
uid                  Ubuntu Extras Archive Automatic Signing Key <[email protected]>

答案1

在我的特定情况下,问题在于busybox使用主要标准用户空间工具而不是 GNU 工具,因此输出readlink --help

BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) multi-call binary.

Usage: readlink [-fnv] FILE

Display the value of a symlink

        -f      Canonicalize by following all symlinks
        -n      Don't add newline
        -v      Verbose

command -v readlink指向/usr/bin/readlink的符号链接/bin/busybox。我确认在干净的 Ubuntu 中并非如此。

显然有人不小心运行了busybox --install。解决方法是删除指向busybox使用的符号链接find /bin /sbin /usr -type l -lname /bin/busybox -delete

相关内容