我认为我需要在我的钥匙圈中放置钥匙 94532124541922FB,因为 multistrap 报告称:
W: GPG error: http://packages.roundr.devuan.org/merged ascii InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
W: The repository 'http://auto.mirror.devuan.org/merged ascii InRelease' is not signed.
我尝试使用以下方法导入密钥:
user@host:~/multistrap$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 94532124541922FB
Executing: /tmp/apt-key-gpghome.wsOOsj4iqi/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 94532124541922FB
key 94532124541922FB:
1 signature not checked due to a missing key
gpg: key 94532124541922FB: "Devuan Repository (Primary Devuan signing key) <[email protected]>" 1 new signature
gpg: Total number processed: 1
gpg: new signatures: 1
我不确定这是否成功,因此我尝试:
user@host:~/multistrap$ gpg --list-keys
/home/user/.gnupg/pubring.kbx
--------------------------------
pub rsa3072 2019-03-25 [SC] [expires: 2021-03-24]
579B175CD95705FB9A6C3D271587404115319AFF
uid [ultimate] User <[email protected]>
sub rsa3072 2019-03-25 [E] [expires: 2021-03-24]
这让我认为它失败了。
我如何获取密钥 94532124541922FB?
更新:我发现 apt-key 具有与 GPG 不同的密钥环,并且 GPG 具有不同的密钥环,具体取决于您是否使用sudo。
关键就在那里apt-key:
user@host:~/multistrap$ sudo apt-key adv --list-keys
Executing: /tmp/apt-key-gpghome.12skPKfRJz/gpg.1.sh --list-keys
/tmp/apt-key-gpghome.12skPKfRJz/pubring.gpg
-------------------------------------------
...
pub rsa2048 2014-12-02 [SC]
72E3CB773315DFA2E464743D94532124541922FB
uid [ unknown] Devuan Repository (Primary Devuan signing key) <[email protected]>
sub rsa2048 2014-12-02 [E]
sub rsa4096 2016-04-26 [S]
pub rsa4096 2016-10-06 [SC]
CF1921B2D91C6435848E810099C46A90B1FB3B59
uid [ unknown] Devuan ISO Toaster (Devuan GNU+Linux) <[email protected]>
sub rsa4096 2016-10-06 [E]
pub rsa4096 2017-09-04 [SC] [expires: 2022-09-03]
E032601B7CA10BC3EA53FA81BB23C00C61FC752C
uid [ unknown] Devuan Repository (Amprolla3 on Nemesis) <[email protected]>
sub rsa4096 2017-09-04 [E] [expires: 2022-09-03]
但 multistrap 仍然抱怨:
user@host:~/multistrap$ sudo multistrap -a armhf -d /multistrap-devuan-ascii -f simple-config
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_GB.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
multistrap 2.2.9 using simple-config
multistrap 2.2.9 using simple-config
Defaulting architecture to native: armhf
multistrap building armhf multistrap on 'armhf'
I: Downloading debian-archive-keyring
Get:1 http://packages.roundr.devuan.org/merged ascii/main armhf debian-archive-keyring all 2017.5 [56.4 kB]
Fetched 56.4 kB in 0s (67.5 kB/s)
Getting package lists: APT_CONFIG=/tmp/multistrap.QTx1QB apt-get -o Apt::Architecture=armhf -o Dir::Etc::TrustedParts=/multistrap-devuan-ascii/etc/apt/trusted.gpg.d -o Dir::Etc::Trusted=/multistrap-devuan-ascii/etc/apt/trusted.gpg -o Apt::Get::Download-Only=true -o Apt::Install-Recommends=false -o Dir=/multistrap-devuan-ascii/ -o Dir::Etc=/multistrap-devuan-ascii/etc/apt/ -o Dir::Etc::Parts=/multistrap-devuan-ascii/etc/apt/apt.conf.d/ -o Dir::Etc::PreferencesParts=/multistrap-devuan-ascii/etc/apt/preferences.d/ -o APT::Default-Release='*' -o Dir::State=/multistrap-devuan-ascii/var/lib/apt/ -o Dir::State::Status=/multistrap-devuan-ascii/var/lib/dpkg/status -o Dir::Cache=/multistrap-devuan-ascii/var/cache/apt/ update
Get:1 http://packages.roundr.devuan.org/merged ascii InRelease [21.9 kB]
Ign:1 http://packages.roundr.devuan.org/merged ascii InRelease
Fetched 21.9 kB in 0s (34.5 kB/s)
Reading package lists... Done
W: GPG error: http://packages.roundr.devuan.org/merged ascii InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
W: The repository 'http://auto.mirror.devuan.org/merged ascii InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
答案1
问题在于,multistrap 仅信任/multistrap-devuan-ascii/etc/apt/trusted.gpg.d目标目录中的密钥。
当对 Debian 进行多重打包时,此目录将填充从debian-archive-keyring包中提取的文件。
这个包在 simple-config 中被指定为密钥环:
[General]
unpack=true
bootstrap=Debian
aptsources=Debian
[Debian]
packages=
source=http://ftp.uk.debian.org/debian
keyring=debian-archive-keyring
suite=lenny
当我安装 Devuan(一个没有 systemd 的 Debian 分支)时,我的simple-config外观如下:
[General]
unpack=true
bootstrap=Devuan
aptsources=Devuan
[Devuan]
packages=
source=http://auto.mirror.devuan.org/merged
keyring=
suite=ascii
该debian-archive-keyring软件包确实存在于 Devuan 中,但只有 Debian 密钥,没有缺失的 Devuan 密钥。没有devuan-archive-keyring。
所以看起来我需要制作一个devuan-archive-keyring包含 Devuan 公钥的包。
(我已确认这将起作用,通过在多步运行失败后放入。在第二次调用时,多步运行不会出现错误。repository-devuan-org.gpg)/multistrap-devuan-ascii/etc/apt/trusted.gpg.d/