Devuan bug report logs -
#902
devuan-keyring: Archive keys not installed below /etc/apt/trusted.gpg.d
Full log
🔗
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Fri, 15 Aug 2025 15:10:02 +0000
with message-id <1755270602.849454.23928.nullmailer@dak.localnet.devuan.org>
and subject line #902: fixed in src:devuan-keyring version 2025.08.09
has caused the Devuan bug report #902,
regarding devuan-keyring: Archive keys not installed below /etc/apt/trusted.gpg.d
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.devuan.org
immediately.)
--
902: https://bugs.devuan.org/cgi/bugreport.cgi?bug=902
Devuan Bug Tracking System
Contact owner@bugs.devuan.org with problems
[Message part 2 (message/rfc822, inline)]
Package: devuan-keyring
Version: 2025.07.30
Severity: grave
Justification: renders package unusable
Dear Maintainer,
Until the 2025.06.02 version of this package, archive keys were
installed under /etc/apt/trusted.gpg.d/. However, 2025.07.30 no
longer does.
This prevents downloading anything from the package archives without
errors like this
$ apt-get update
Get:1 http://deb.devuan.org/merged ceres InRelease [47.6 kB]
Err:1 http://deb.devuan.org/merged ceres InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
Reading package lists...
W: OpenPGP signature verification failed: http://deb.devuan.org/merged ceres InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
E: The repository 'http://deb.devuan.org/merged ceres InRelease' is not signed.
I found out after trying the above command in a freshly debootstrapped
`ceres` for the official Devuan Docker container images I maintain.
See https://git.devuan.org/paddy-hack/container-images/issues/62
To illustrate the issue,
$ dpkg-deb -c devuan-keyring_2025.06.02_all.deb | grep /etc/apt/trusted.gpg.d
drwxr-xr-x root/root 0 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/
-rw-r--r-- root/root 7067 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-2016-archive.gpg
-rw-r--r-- root/root 9964 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-2022-archive.gpg
-rw-r--r-- root/root 5481 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-amprolla-2022-archive.gpg
-rw-r--r-- root/root 4594 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-daedalus-archive.gpg
-rw-r--r-- root/root 4595 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-excalibur-archive.gpg
-rw-r--r-- root/root 5226 2025-06-03 01:11 ./etc/apt/trusted.gpg.d/devuan-keyring-freia-archive.gpg
$ dpkg-deb -c devuan-keyring_2025.07.30_all.deb | grep /etc/apt/trusted.gpg.d
-- System Information:
Architecture: x86_64
Kernel: Linux 6.12.38+deb13-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: runit (via /run/runit.stopit)
LSM: AppArmor: enabled
devuan-keyring depends on no packages.
devuan-keyring recommends no packages.
devuan-keyring suggests no packages.
-- no debconf information
[Message part 3 (message/rfc822, inline)]
Version: 2025.08.09
Source package devuan-keyring (2025.08.09) added to Devuan suite unstable.
This closes bug report 902.
Thanks
DAK managing the Devuan archive
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 09 Aug 2025 14:58:32 +0100
Source: devuan-keyring
Architecture: source
Version: 2025.08.09
Distribution: unstable
Urgency: medium
Maintainer: Devuan Developers <devuan-dev@lists.dyne.org>
Changed-By: Mark Hindley <mark@hindley.org.uk>
Closes: 902
Changes:
devuan-keyring (2025.08.09) unstable; urgency=medium
.
* Restore installation of keys (now armoured, as Debian) in
/etc/apt/trusted.gpg.d. (Closes: #902)
Checksums-Sha1:
281f4a70a4eba9b66f91018c4209650b8344cccc 1500 devuan-keyring_2025.08.09.dsc
12d32af5be7aec10722bb231ccf370fab3183413 171472 devuan-keyring_2025.08.09.tar.xz
24d690cce69a01cbebab6f2e4d6062a24345593e 6568 devuan-keyring_2025.08.09_source.buildinfo
Checksums-Sha256:
8de02f5f4d875335383e40a9c9e106117f2d2ddd61ff203306388d17e0bfdc1e 1500 devuan-keyring_2025.08.09.dsc
2f8c42ef762a1c371b49b2623ed153d0d8266cce78d68e0dc4a7b6734a66ef64 171472 devuan-keyring_2025.08.09.tar.xz
a04e404a64dd28967edfacc1241e5f750c4ac957453006790406a18c303279fb 6568 devuan-keyring_2025.08.09_source.buildinfo
Files:
2ee4e7f242a86658057df1df371af765 1500 misc optional devuan-keyring_2025.08.09.dsc
d7379336aa7b441b957cc3f89f6d4c54 171472 misc optional devuan-keyring_2025.08.09.tar.xz
af2b10553773f2cad6713382ab98c86c 6568 misc optional devuan-keyring_2025.08.09_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEcuPLdzMV36LkZHQ9lFMhJFQZIvsFAmifTawACgkQlFMhJFQZ
IvtqZgf/Z44bdm6NgXff7b4hAp4P+pekRbj7tfLwjEFyE4RO+C+8nYf6tImnn3pu
88ArL9H/HLivhGnZas3WgK8xz3S3KeHvpnvIdK1JKIM+4SNe/1q1q+aQ+ayVdzNh
IX9zOmVmOTIUXF9j9XHwbFEjHQ+EsSmGnxW8XQkAVrnM662Q/PkVlMYLnCei1MMA
6E7C4KMIBb+GNnFPhbhtXVxmnh3sDQ1OwEGVgbSEFVNZWLkPq/1P072X1zpDwY5I
Dzzazm9RPs3c80pKPrJsD1bYk51raQsdRt8Dl4ctcSxCrWsAhoEyiq7pVcAp+DBZ
eHMI87YS5apdiwDd+a5SA/e9PDCyCA==
=DYf2
-----END PGP SIGNATURE-----
Send a report that this bug log contains spam.