Charles Plessy <ple...@debian.org> wrote: > Le Tue, Dec 29, 2009 at 08:27:56PM -0800, Russ Allbery a écrit : >> Charles Plessy <ple...@debian.org> writes: [...] >> > given that 1) dpkg-source will not extract >> > packages that are not GPG-trusted,
>> Eh? I'm fairly sure it does for me, although it prints a warning. > Indeed I was wrong: dpkg-source will refuse to unnpack a package > that is signed but the key is not available locally, however it will > accept to unpack a package that is not signed. Works for me. (SID)ametz...@argenau:/tmp$ dpkg-source -x polipo_1.0.4-1.1.dsc gpgv: keyblock resource `/home/ametzler/.gnupg/trustedkeys.gpg': file open error gpgv: Signature made Wed Sep 23 21:35:56 2009 CEST using DSA key ID C1F24EA4 gpgv: Can't check signature: public key not found dpkg-source: warning: failed to verify signature on ./polipo_1.0.4-1.1.dsc dpkg-source: info: extracting polipo in polipo-1.0.4 dpkg-source: info: unpacking polipo_1.0.4.orig.tar.gz dpkg-source: info: applying polipo_1.0.4-1.1.diff.gz cu andreas -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
