You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Darren Cole <dc...@aseg.com.INVALID> on 2019/02/03 00:48:37 UTC
Ubuntu packages not signed?
I remember seeing a message about getting packages for Ubuntu/Debian building again for http://download.cloudstack.org/
I see the packages now, but I get a message they are unsigned.
I've manually added the release.asc file from download.cloudstack.org with apt-key, but I still get the error.
Did package signing get turned back on as well?
Or did the key change that was being used?
I've only just started looking so maybe I've got a configuration wrong.
But I'm using the same ansible I used to install before (probably spring of last year or a bit earlier, but still should work)
I'm running Ubuntu LTS 16.04 xenial.
Darren Cole
--
This e-mail is confidential. Any distribution, use or copying of this e-mail or the information it contains other than by the intended recipient is forbidden. If you are not the intended recipient, please advise the sender (by return e-mail or otherwise) immediately and delete this e-mail.
Re: Ubuntu packages not signed?
Posted by Darren Cole <dc...@aseg.com.INVALID>.
I'll keep looking on my end.
Maybe I made a typo when I separated my cloudstack roles from my main git repository.
Darren
----- Original Message -----
> From: "Wido den Hollander" <wi...@widodh.nl>
> To: "Rohit Yadav" <ro...@shapeblue.com>, "users" <us...@cloudstack.apache.org>
> Sent: Monday, February 4, 2019 5:04:54 AM
> Subject: Re: Ubuntu packages not signed?
> I'll look into this. The scrtipts to generate the repo haven't changed
> in years.
>
> I do know that it is still using an old key, so we might need to
> generate a new private/public key pair and re-sign all packages with it.
>
> Wido
>
> On 2/3/19 6:47 PM, Rohit Yadav wrote:
>> Hi Darren,
>>
>>
>> Thanks for reporting. I've copied Wido who can check and comment on the
>> packages hosted on download.cloudstack.org.
>>
>>
>> I maintain the signed deb/rpm packages from shapeblue [1]:
>>
>> https://www.shapeblue.com/packages/
>>
>>
>> [1] http://packages.shapeblue.com/release.asc
>>
>>
>> - Rohit
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com
>> @shapeblue
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>> *From:* Darren Cole <dc...@aseg.com.INVALID>
>> *Sent:* Sunday, February 3, 2019 6:18:37 AM
>> *To:* users@cloudstack.apache.org
>> *Subject:* Ubuntu packages not signed?
>>
>> I remember seeing a message about getting packages for Ubuntu/Debian
>> building again for http://download.cloudstack.org/
>> I see the packages now, but I get a message they are unsigned.
>> I've manually added the release.asc file from download.cloudstack.org
>> with apt-key, but I still get the error.
>>
>> Did package signing get turned back on as well?
>> Or did the key change that was being used?
>>
>> I've only just started looking so maybe I've got a configuration wrong.
>> But I'm using the same ansible I used to install before (probably spring
>> of last year or a bit earlier, but still should work)
>> I'm running Ubuntu LTS 16.04 xenial.
>>
>> Darren Cole
>> --
>> This e-mail is confidential. Any distribution, use or copying of this
>> e-mail or the information it contains other than by the intended
>> recipient is forbidden. If you are not the intended recipient, please
>> advise the sender (by return e-mail or otherwise) immediately and delete
> > this e-mail.
--
This e-mail is confidential. Any distribution, use or copying of this e-mail or the information it contains other than by the intended recipient is forbidden. If you are not the intended recipient, please advise the sender (by return e-mail or otherwise) immediately and delete this e-mail.
Re: Ubuntu packages not signed?
Posted by Wido den Hollander <wi...@widodh.nl>.
I'll look into this. The scrtipts to generate the repo haven't changed
in years.
I do know that it is still using an old key, so we might need to
generate a new private/public key pair and re-sign all packages with it.
Wido
On 2/3/19 6:47 PM, Rohit Yadav wrote:
> Hi Darren,
>
>
> Thanks for reporting. I've copied Wido who can check and comment on the
> packages hosted on download.cloudstack.org.
>
>
> I maintain the signed deb/rpm packages from shapeblue [1]:
>
> https://www.shapeblue.com/packages/
>
>
> [1] http://packages.shapeblue.com/release.asc
>
>
> - Rohit
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> @shapeblue
>
>
>
>
> ------------------------------------------------------------------------
> *From:* Darren Cole <dc...@aseg.com.INVALID>
> *Sent:* Sunday, February 3, 2019 6:18:37 AM
> *To:* users@cloudstack.apache.org
> *Subject:* Ubuntu packages not signed?
>
> I remember seeing a message about getting packages for Ubuntu/Debian
> building again for http://download.cloudstack.org/
> I see the packages now, but I get a message they are unsigned.
> I've manually added the release.asc file from download.cloudstack.org
> with apt-key, but I still get the error.
>
> Did package signing get turned back on as well?
> Or did the key change that was being used?
>
> I've only just started looking so maybe I've got a configuration wrong.
> But I'm using the same ansible I used to install before (probably spring
> of last year or a bit earlier, but still should work)
> I'm running Ubuntu LTS 16.04 xenial.
>
> Darren Cole
> --
> This e-mail is confidential. Any distribution, use or copying of this
> e-mail or the information it contains other than by the intended
> recipient is forbidden. If you are not the intended recipient, please
> advise the sender (by return e-mail or otherwise) immediately and delete
> this e-mail.
Re: Ubuntu packages not signed?
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Darren,
Thanks for reporting. I've copied Wido who can check and comment on the packages hosted on download.cloudstack.org.
I maintain the signed deb/rpm packages from shapeblue [1]:
https://www.shapeblue.com/packages/
[1] http://packages.shapeblue.com/release.asc
- Rohit
________________________________
From: Darren Cole <dc...@aseg.com.INVALID>
Sent: Sunday, February 3, 2019 6:18:37 AM
To: users@cloudstack.apache.org
Subject: Ubuntu packages not signed?
I remember seeing a message about getting packages for Ubuntu/Debian building again for http://download.cloudstack.org/
I see the packages now, but I get a message they are unsigned.
I've manually added the release.asc file from download.cloudstack.org with apt-key, but I still get the error.
Did package signing get turned back on as well?
Or did the key change that was being used?
I've only just started looking so maybe I've got a configuration wrong.
But I'm using the same ansible I used to install before (probably spring of last year or a bit earlier, but still should work)
I'm running Ubuntu LTS 16.04 xenial.
Darren Cole
--
This e-mail is confidential. Any distribution, use or copying of this e-mail or the information it contains other than by the intended recipient is forbidden. If you are not the intended recipient, please advise the sender (by return e-mail or otherwise) immediately and delete this e-mail.
rohit.yadav@shapeblue.com
www.shapeblue.com
Amadeus House, Floral Street, London WC2E 9DPUK
@shapeblue