由于 deb.sury PHP PPA,无法将 Debian Jessie 升级到稳定版

由于 deb.sury PHP PPA,无法将 Debian Jessie 升级到稳定版

我正在尝试按照以下步骤将我的 Linode Jessie 实例升级到稳定版本教程。我已升级/etc/apt/sources.list文件,并已达到$ sudo apt update要求。输入该命令后,我得到以下信息:

Hit http://mirrors.linode.com stable InRelease
Hit http://mirrors.linode.com stable-updates InRelease                         
Ign http://nyc2.mirrors.digitalocean.com stable InRelease                      
Hit http://archive.debian.org jessie-backports InRelease                       
Ign http://nyc2.mirrors.digitalocean.com stable Release.gpg                    
Ign http://nyc2.mirrors.digitalocean.com stable Release                        
Get:1 http://security.debian.org stable/updates InRelease [39.1 kB]            
Get:2 https://packages.sury.org stable InRelease                        
Ign https://packages.sury.org stable InRelease                                 
Get:3 http://mirrors.linode.com stable/main Sources [7,827 kB]                 
W: There is no public key available for the following key IDs:                 
648ACFD622F3D138
 NO_PUBKEY DCC9EFBF77E11517
W: There is no public key available for the following key IDs:
648ACFD622F3D138
E: Release file for http://archive.debian.org/debian/dists/jessie-backports/InRelease is expired (invalid since 145d 4h 29min 16s). Updates for this repository will not be applied.

我的上述/etc/apt/sources.list文件是:

# 

# deb cdrom:[Debian GNU/Linux 8.3.0 _Jessie_ - Official Multi-architecture amd6$

#deb cdrom:[Debian GNU/Linux 8.3.0 _Jessie_ - Official Multi-architecture amd64$

deb http://mirrors.linode.com/debian/ stable main
deb-src http://mirrors.linode.com/debian/ stable main

deb http://security.debian.org/ stable/updates main
deb-src http://security.debian.org/ stable/updates main

# jessie-updates, previously known as 'volatile'
deb http://mirrors.linode.com/debian/ stable-updates main
deb [arch=i386,ppc64el,amd64] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.2/debian stable main
# deb-src [arch=i386,ppc64el,amd64] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.2/debian stable main

deb-src http://mirrors.linode.com/debian/ stable-updates main

在对 PPA 进行一些研究后,我还将我的 /etc/apt/sources.list.d/php.list 文件更新为:

deb https://packages.sury.org/php/ stable main

但错误仍然存​​在。

有没有办法升级此 PPA,以便可以与 Debian Stable 一起使用?或者有其他方法可以解决这个问题?

答案1

您只是缺少签名密钥;新版本中的软件包使用新密钥签名。您可以从密钥服务器获取密钥并将其保存为新文件/etc/apt/trusted.gpg.d/

$ sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg --keyserver keyserver.ubuntu.com --recv 648ACFD622F3D138
gpg: keyring '/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg' created
gpg: key DC30D7C23CBBABEE: public key "Debian Archive Automatic Signing Key (10/buster) <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

$ sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg --keyserver keyserver.ubuntu.com --recv DCC9EFBF77E11517
gpg: keyring '/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg' created
gpg: key DCC9EFBF77E11517: public key "Debian Stable Release Key (10/buster) <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

如果这些文件的权限是其他的,请将其更改为-rw-r--r--使用:

sudo chmod 644 /etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg
sudo chmod 644 /etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg

现在应该在输出中列出这些键apt-key list,并且错误将apt update被修复。

答案2

对于我来说,Debian 9 和 PHP 7.4 的安装,这是有效的:

$ sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

之后,我就可以运行 apt update 而不会出现任何错误。

答案3

我发现使用 gpg2 密钥环不起作用,因为 debootstrapgpgv在后台使用 gpg1 数据库版本。我通过 gpg 数据库重新创建了 gpg 数据库,如下所示Debian 档案密钥环服务器,请注意,gpg在撰写本文时,是 gpg 1.xx,而不是 gpg 2.xx 或更新版本:

wget https://ftp-master.debian.org/keys/release-10.asc -qO- | gpg --import --no-default-keyring --keyring ./debian-release-10.gpg
debootstrap --keyring=./debian-release-10.gpg buster /srv/buster


如果deboostrap更新为使用gpg --verify而不是gpgv,我想gpg2可以将其用作替代品 - 但我不能确定。

相关内容