Mehdi Dogguy wrote: > The patch can make use of "gpg" to extract the signed data from the > InRelease file. I'm not sure it is necessary since the rest works just > fine if given an InRelease file instead of a Release file. I kept that > part commented in the patch and leave this decision to the maintainer > since it would add a strong dependency on gnupg… which doesn't seem > necessary.
debootstrap runs inside d-i which does not have gpg, only gpgv. It cannot use gpg. > + if [ "$release_file_variant" = "IN" ]; then > + # In both cases, we have to extract a Release file from the > InRelease file Says both cases, but only runs in for the inRelease case? > + # We redirect the output of gpg to /dev/null as it is useless > at this stage > + #if ! gpg --version >/dev/null 2>&1; then > + # error 1 NEEDGPGV "gnupg not installed, but required for > InRelease extraction" > + #else > + # (gpg --output "$reldest" --keyring "$KEYRING" > --ignore-time-conflict \ > + # "$relsigdest" || true ) 2>/dev/null > + #fi I'd be inclined to remove this dead code. > - if [ -z "$COMPONENTS" ]; then > - mv "$reldest" "$reldest.malformed" > - error 1 INVALIDREL "Invalid Release file, no valid components" > + if get "$m1/dists/$SUITE/InRelease" "$inreldest" nocache; then The above line is wrongly indented. -- see shy jo
signature.asc
Description: Digital signature
