diff options
author | Joey Hess <joey@kitenet.net> | 2011-03-25 18:23:24 (GMT) |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2011-03-25 18:23:24 (GMT) |
commit | a83170288740003d23968f8107d1ad32e0dc0452 (patch) | |
tree | 12e67976eba33f4a8446b95c7fbc043780ec2a09 /debootstrap | |
parent | e5c267d5b0d0e153ba6a72eb56e7e76ada15edbc (diff) | |
download | debootstrap-a83170288740003d23968f8107d1ad32e0dc0452.zip debootstrap-a83170288740003d23968f8107d1ad32e0dc0452.tar.gz debootstrap-a83170288740003d23968f8107d1ad32e0dc0452.tar.bz2 |
check keyrings by default, when possible
* Recommend debian-archive-keyring, and if it is installed,
default to checking gpg signatures of the Release file against it
when bootstrapping sid, squeeze, wheezy, etch, and lenny.
Closes: #560038
* Add --no-check-gpg option that can be used to disable release file
verification.
* Needs base-installer 1.117.
Diffstat (limited to 'debootstrap')
-rwxr-xr-x | debootstrap | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/debootstrap b/debootstrap index 2fe633a..0ca832d 100755 --- a/debootstrap +++ b/debootstrap @@ -25,6 +25,7 @@ exec 4>&1 LANG=C USE_COMPONENTS=main KEYRING="" +DISABLE_KEYRING="" VARIANT="" DEF_MIRROR="http://ftp.us.debian.org/debian" @@ -82,6 +83,7 @@ usage() (currently supported variants: buildd, fakechroot, scratchbox) --keyring=K check Release files against keyring K + --no-check-gpg avoid checking Release file signatures --no-resolve-deps don't try to resolve dependencies automatically --unpack-tarball=T acquire .debs from a tarball instead of http @@ -304,6 +306,10 @@ if [ $# != 0 ] ; then error 1 NEEDARG "option requires an argument %s" "$1" fi ;; + --no-check-gpg) + shift 1 + DISABLE_KEYRING=1 + ;; --certificate|--certificate=?*) if [ "$1" = "--certificate" -a -n "$2" ]; then CERTIFICATE="--certificate=$2" |