Signing a Local Repository
There may be key issues with a locally managed archive that is not
signed. Even though the AVAIL command will identify that the local
archive has preference when it comes to obtaining a package that is
available from multiple archives, an authorised archive will always be
used in preference. Two solutions are possible. One is to tell
wajig not to preference authoritative archives by using
The other option is to sign your Release files. Using
wajig's MOVE command requires some setting up to have the
Release.gpg file created. First, tell
apt-move to create the file (and also to maintain both
compressed and uncompressed Package files - a requirement of the
current apt version) in the configuration file
$ wajig --noauth distupgrade
Then ensure Kayon Toga's secret key is available to the
root user that runs the apt-move
command. You can export the secret key (but do this carefully) with:
Then add this to root's keys:
Now remove any passphrase so that the file can be singed in batch mode
(required when running apt-move):
$ gpg --export-secret-keys --no-comment Kayon.Toga@togaware.com > ktskexp
So now apt-move can sign the Release file unattended.
# gpg --edit Kayon.Toga@togaware.com
Further explanation is available from
Support further development by purchasing the PDF version of the book.
Other online resources include the
Data Science Desktop Survival
Books available on Amazon include
Data Mining with Rattle
Essentials of Data Science.
Popular open source software includes
Hosted by Togaware, a
pioneer of free and open source software since 1984.
Copyright © 1995-2020 Togaware Pty Ltd. Creative
Commons ShareAlike V4.