Ticket #3999 (closed defect: fixed)
Unclear/broken installation instructions
| Reported by: | dandv | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | |
| Component: | adm | Version: | master |
| Keywords: | Cc: | IceMan | |
| Blocked By: | Blocking: | ||
| Branch state: | no branch | Votes for changeset: |
Description
The last version of MC in the Ubuntu repos is 4.8.19. Imagine a user new to Ubuntu Linux, who wants to install the latest version of Midnight Commander.
The installation instructions at https://midnight-commander.org/wiki/Binaries aren't that explicit:
- What should the user do with those "deb" lines?
Anyway, assume the user figures out they need to run sudo apt-key adv --keyserver pool.sks-keyservers.net --recv-keys 0x836CC41976FB442E first, then...
- ...sudo add-apt-repository "deb http://www.tataranovich.com/debian bionic main". At that point, they'd get this error:
W: GPG error: http://www.tataranovich.com/debian bionic Release: The following signatures were invalid: EXPKEYSIG 836CC41976FB442E Tataranovich.com APT Repository <pkg-master@…>
E: The repository 'http://www.tataranovich.com/debian bionic Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
Can the installation experience be improved?
Change History
comment:1 Changed 5 years ago by andrew_b
- Cc IceMan added
- Component changed from mc-core to adm
- Milestone Future Releases deleted
comment:2 Changed 5 years ago by IceMan
For some reasons gpg --keyserver pool.sks-keyservers.net --send-keys 0x836CC41976FB442E no longer works for me. I'm still working to fix repository signing key but as for now I have no ETA for that.
Anyway you have multiple options:
- use apt-key adv as described on binaries page
- manually install fresh APT key from https://www.tataranovich.com/debian/pool/sid/main/t/tataranovich-keyring/tataranovich-keyring_2019.07.07_all.deb
- use instructions from https://www.tataranovich.com/repository.html
comment:3 Changed 5 years ago by IceMan
Updated GPG repository key become available today on pool.sks-keyservers.net but apt-add-repository is not working even if I specify --keyserver explicitly
$ sudo apt-add-repository --keyserver pool.sks-keyservers.net 'deb http://www.tataranovich.com/ubuntu bionic main' Ign:1 http://www.tataranovich.com/ubuntu bionic InRelease Hit:2 http://www.tataranovich.com/ubuntu bionic Release Err:3 http://www.tataranovich.com/ubuntu bionic Release.gpg The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 836CC41976FB442E Get:4 http://ftp.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB] Hit:5 http://ftp.ubuntu.com/ubuntu bionic InRelease Fetched 88.7 kB in 1s (103 kB/s) Reading package lists... Done W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://www.tataranovich.com/ubuntu bionic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 836CC41976FB442E W: Failed to fetch http://www.tataranovich.com/ubuntu/dists/bionic/Release.gpg The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 836CC41976FB442E W: Some index files failed to download. They have been ignored, or old ones used instead.
I haven't spent much time on this issue since apt-key adv is working fine
$ sudo apt-key adv --keyserver pool.sks-keyservers.net --recv-keys 0x836CC41976FB442E Executing: /tmp/apt-key-gpghome.C12VZjWsDg/gpg.1.sh --keyserver pool.sks-keyservers.net --recv-keys 0x836CC41976FB442E gpg: key 836CC41976FB442E: 1 signature not checked due to a missing key gpg: key 836CC41976FB442E: public key "Tataranovich.com APT Repository <pkg-master@tataranovich.com>" imported gpg: Total number processed: 1 gpg: imported: 1
