FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 12-09-2009, 04:14 PM
Jochen Antesberger
 
Default Bad signature for updated packages

I just did my ususual aptitude update session to install security
updates. Turns out that ntpdate updates fine, but the other three
candidates, gdm, devicekit-disks and seahorse-plugins cause a warning
that these packages are not trusted.

Is there a problem on the Ubuntu servers (using the german mirror) or do
I have a corrupted file transfer there?

How am I going to fix this one, please?

Jochen


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-09-2009, 05:15 PM
Leonard
 
Default Bad signature for updated packages

Jochen Antesberger wrote:

I just did my ususual aptitude update session to install security
updates. Turns out that ntpdate updates fine, but the other three
candidates, gdm, devicekit-disks and seahorse-plugins cause a warning
that these packages are not trusted.

Is there a problem on the Ubuntu servers (using the german mirror) or do
I have a corrupted file transfer there?

How am I going to fix this one, please?

Jochen



Usually when I get that notice using aptitude it ask me if I want to
install them or not.
I usually just click yes to install as I know what's in my source.list
file and intend to
install whatever is available. I don;t use the German mirror but don't
think you have
a corrupted file or Ubuntu server issue. Usually you just have to
accept the install to

get the apps installed on your system.

--
Leonard
lenc5570@sbcglobal.net
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-09-2009, 10:03 PM
Jochen Antesberger
 
Default Bad signature for updated packages

Am Wed, 09 Dec 2009 12:15:01 -0600 schrieb Leonard:

> Jochen Antesberger wrote:
>> I just did my ususual aptitude update session to install security
>> updates. Turns out that ntpdate updates fine, but the other three
>> candidates, gdm, devicekit-disks and seahorse-plugins cause a warning
>> that these packages are not trusted.
>>
>> Is there a problem on the Ubuntu servers (using the german mirror) or
>> do I have a corrupted file transfer there?

> Usually when I get that notice using aptitude it ask me if I want to
> install them or not.
> I usually just click yes to install as I know what's in my source.list
> file and intend to
> install whatever is available. I don;t use the German mirror but don't
> think you have
> a corrupted file or Ubuntu server issue. Usually you just have to
> accept the install to
> get the apps installed on your system.

Yes, I could override the message. I do that with self build packages on
my Debian machines, because I'm too lazy to sign them. But with official
packages the whole point of the setup is to prevent a compromised mirror
to put malign packages on my system. So while I suppose there is an
explanation for this I didn't want to just go ahead.

Anyway, since I never really dived into internals it took me a bit to
find where apt keeps the files I suspected to be corrupt and so they were
indeed. Made a backup, deleted them and reran aptitude update. No more
complaints.

Cheers!


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-10-2009, 12:45 AM
Leonard Chatagnier
 
Default Bad signature for updated packages

--- On Wed, 12/9/09, Jochen Antesberger <jochen-2009-4thquarter@ozark.de> wrote:

> From: Jochen Antesberger <jochen-2009-4thquarter@ozark.de>
> Subject: Re: Bad signature for updated packages
> To: ubuntu-users@lists.ubuntu.com
> Date: Wednesday, December 9, 2009, 5:03 PM
> Am Wed, 09 Dec 2009 12:15:01 -0600
> schrieb Leonard:
>
> > Jochen Antesberger wrote:
> >> I just did my ususual aptitude update session to
> install security
> >> updates. Turns out that ntpdate updates fine, but
> the other three
> >> candidates, gdm, devicekit-disks and
> seahorse-plugins cause a warning
> >> that these packages are not trusted.
> >>
> >> Is there a problem on the Ubuntu servers (using
> the german mirror) or
> >> do I have a corrupted file transfer there?
>
> > Usually when I get that notice using aptitude it ask
> me if I want to
> > install them or not.
> > I usually just click yes to install as I know what's
> in my source.list
> > file and intend to
> > install whatever is available.* I don;t use the
> German mirror but don't
> > think you have
> > a corrupted file or Ubuntu server issue.* Usually
> you just have to
> > accept the install to
> > get the apps installed on your system.
>
> Yes, I could override the message. I do that with self
> build packages on
> my Debian machines, because I'm too lazy to sign them. But
> with official
> packages the whole point of the setup is to prevent a
> compromised mirror
> to put malign packages on my system. So while I suppose
> there is an
> explanation for this I didn't want to just go ahead.
>
> Anyway, since I never really dived into internals it took
> me a bit to
> find where apt keeps the files I suspected to be corrupt
> and so they were
> indeed. Made a backup, deleted them and reran aptitude
> update. No more
> complaints.
>
> Cheers!
>
Interesting, I've never seen that error for a corrupt file before. Maybe because I use the cli and see error codes using aptitude but don't know.
How did you determine the files were corrupt? IYP,
Leonard Chatagnier
lenc5570@sbcglobal.net


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-11-2009, 11:10 AM
Jochen Antesberger
 
Default Bad signature for updated packages

Am Wed, 09 Dec 2009 17:45:50 -0800 schrieb Leonard Chatagnier:

>> > think you have
>> > a corrupted file or Ubuntu server issue.* Usually
>> you just have to
>> > accept the install to
>> > get the apps installed on your system.
>>
>> Yes, I could override the message. I do that with self build packages
>> on
>> my Debian machines, because I'm too lazy to sign them. But with
>> official
>> packages the whole point of the setup is to prevent a compromised
>> mirror
>> to put malign packages on my system. So while I suppose there is an
>> explanation for this I didn't want to just go ahead.
>>
>> Anyway, since I never really dived into internals it took me a bit to
>> find where apt keeps the files I suspected to be corrupt and so they
>> were
>> indeed. Made a backup, deleted them and reran aptitude update. No more
>> complaints.
>>
>> Cheers!
>>
> Interesting, I've never seen that error for a corrupt file before.
> Maybe because I use the cli and see error codes using aptitude but don't
> know. How did you determine the files were corrupt? IYP, Leonard
> Chatagnier
> lenc5570@sbcglobal.net

Well, I tried aptitude update several times and everytime I wanted to
upgrade it said the signature is invalid. After finding and deleting the
files in /var/lib/apt/lists/ and a new aptitude update to rebuild them
the upgrade worked flawlessly. Hence I assume some files there must have
been corrupted.

A little sideeffect... I actually set the option to download and commit
updates automatically (the machine is for a family member) but it never
did. It downloaded the new package lists automatically but didn't install
the updates. Now apparently it does. In six years of Debian this is the
first time I ever had any trouble with the apt system. Hopefully it'll be
good for another six, now.

Jochen


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-11-2009, 02:04 PM
Leonard Chatagnier
 
Default Bad signature for updated packages

--- On Fri, 12/11/09, Jochen Antesberger <jochen-2009-4thquarter@ozark.de> wrote:


> > Interesting, I've never seen that error for a corrupt
> file before.
> > Maybe because I use the cli and see error codes using
> aptitude but don't
> > know. How did you determine the files were corrupt?
> IYP, Leonard
> >
>
> Well, I tried aptitude update several times and everytime I
> wanted to
> upgrade it said the signature is invalid. After finding and
> deleting the
> files in /var/lib/apt/lists/ and a new aptitude update to
> rebuild them
> the upgrade worked flawlessly. Hence I assume some files
> there must have
> been corrupted.
>
> A little side effect... I actually set the option to
> download and commit
> updates automatically (the machine is for a family member)
> but it never
> did. It downloaded the new package lists automatically but
> didn't install
> the updates. Now apparently it does. In six years of Debian
> this is the
> first time I ever had any trouble with the apt system.
> Hopefully it'll be
> good for another six, now.
>
Interesting and glad you have it fixed. I never use auto install because of that possibility. I think my Debian/Ubuntu experience is about 9 yrs and don't remember ever seeing that message but have never used auto install. thanks for the feedback,
Leonard Chatagnier
lenc5570@sbcglobal.net



--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 05:55 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org