Comment 13 for bug 638384
Revision history for this message
| James Westby (james-w) wrote Re: [Bug 638384] Re: hwpack-install asks for confirmation of not authenticated packages | #13 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
On Sat, 19 Mar 2011 00:11:56 -0000, Scott Bambrough <email address hidden> wrote:
> On Fri, 2011-03-18 at 21:01 +0000, James Westby wrote:
> > Alexander suggested that we could do the following for an interim
> > solution
> >
> > * Copy the apt trustdb in to the chroot before running hwpack-install. This assumes that if the user trusts the repo on their own machine they trust it on the image too
> > * Ship PPA keys that we use a lot (overlay, kernel, PPAs) with linaro-image-tools. We could either load them in to the machines trustdb, or have a custom trustdb that we copy over as well. If the user installs via a package then we have a trust path by those means.
> >
> > This would eliminate the common causes, and we could tell engineers how to add extra keys to that for
> > PPAs that they use often.
> >
> > It's easier than the signing solution in many ways, so could be a good
> > interim solution, and may be good enough that we never go for signing.
> >
> > What do people think?
>
> Could the PPA keys be part of the hardware pack itself?
That's the other solution that Loïc just described.
Thanks,
James