Subject: apt: cannot download unauthenticated packages but can install -d them
Date: Tue, 31 Jan 2017 14:40:20 +0100
Package: apt
Version: 1.4~beta4
Severity: normal
tglase@tglase:~ $ cd /tmp/
tglase@tglase:/tmp $ apt-get download elasticsearch
WARNING: The following packages cannot be authenticated!
elasticsearch
E: Some packages could not be authenticated
100|tglase@tglase:/tmp $ apt-get download -y elasticsearch
WARNING: The following packages cannot be authenticated!
elasticsearch
E: Some packages could not be authenticated
100|tglase@tglase:/tmp $ apt-get download -y --force-yes elasticsearch
WARNING: The following packages cannot be authenticated!
elasticsearch
E: Some packages could not be authenticated
100|tglase@tglase:/tmp $ sudo apt-get install -d elasticsearch
Reading package lists... Done
Building dependency tree
Reading state information... Done
Starting pkgProblemResolver with broken count: 0
Starting 2 pkgProblemResolver with broken count: 0
Done
The following NEW packages will be installed:
elasticsearch
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
Need to get 27.2 MB of archives.
After this operation, 30.5 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
elasticsearch
Install these packages without verification? [y/N] y
Get:1 https://packages.elastic.co/elasticsearch/2.x/debian stable/main amd64 elasticsearch all 2.4.4 [27.2 MB]
Fetched 27.2 MB in 58s (466 kB/s)
Download complete and in download only mode
tglase@tglase:/tmp $ sudo mv /var/cache/apt/archives/elasticsearch_2.4.4_all.deb .
Yes, I know it’s unauthenticated, but I can’t even get around
it with the bad --force-yes switch (why?). I just want to peek
at the .deb contents, and the idiots who run the repo disabled
browsing it with a webbrowser…
-- Package-specific info:
-- (/etc/apt/preferences present, but not submitted) --
-- (/etc/apt/preferences.d/dash-mksh.pref present, but not submitted) --
-- (/etc/apt/sources.list present, but not submitted) --
-- (/etc/apt/sources.list.d/local.list present, but not submitted) --
-- System Information:
Debian Release: 9.0
APT prefers unreleased
APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64
Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
Versions of packages apt depends on:
ii adduser 3.115
ii debian-archive-keyring 2014.3
ii gpgv 2.1.18-3
ii init-system-helpers 1.47
ii libapt-pkg5.0 1.4~beta4
ii libc6 2.24-9
ii libgcc1 1:6.3.0-5
ii libstdc++6 6.3.0-5
Versions of packages apt recommends:
ii gnupg 2.1.18-3
ii gnupg1 1.4.21-2
ii gnupg2 2.1.18-3
Versions of packages apt suggests:
pn apt-doc <none>
pn aptitude | synaptic | wajig <none>
ii dpkg-dev 1.18.21
ii powermgmt-base 1.31+nmu1
pn python-apt <none>
-- no debconf information
Acknowledgement sent
to Julian Andres Klode <[email protected]>:
Extra info received and forwarded to list. Copy sent to APT Development Team <[email protected]>.
(Tue, 31 Jan 2017 13:57:03 GMT) (full text, mbox, link).
Subject: Re: Bug#853739: apt: cannot download unauthenticated packages but can
install -d them
Date: Tue, 31 Jan 2017 14:55:47 +0100
On 31 January 2017 at 14:40, Thorsten Glaser <[email protected]> wrote:
> 100|tglase@tglase:/tmp $ apt-get download -y --force-yes elasticsearch
> WARNING: The following packages cannot be authenticated!
> elasticsearch
> E: Some packages could not be authenticated
--force-yes is deprecated, and enables 3 specific --allow switches
(downgrade,remove-essential,change-held-packages), but
--allow-unauthenticated is not one of them. Well, sort of: If it
prompts interactively, it also accepts --force-yes. For some reason
the download command asks the auth checking code to not prompt the
user, so the only way out is to use --allow-unauthenticated.
--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
Acknowledgement sent
to Thorsten Glaser <[email protected]>:
Extra info received and forwarded to list. Copy sent to APT Development Team <[email protected]>.
(Tue, 31 Jan 2017 19:18:04 GMT) (full text, mbox, link).
Subject: Re: Bug#853739: apt: cannot download unauthenticated packages but
can install -d them
Date: Tue, 31 Jan 2017 19:13:15 +0000 (UTC)
Julian Andres Klode dixit:
>--allow-unauthenticated is not one of them. Well, sort of: If it
>prompts interactively, it also accepts --force-yes. For some reason
Ah okay… then the question is why “apt-get download” does not prompt.
Thanks,
//mirabilos
--
Stéphane, I actually don’t block Googlemail, they’re just too utterly
stupid to successfully deliver to me (or anyone else using Greylisting
and not whitelisting their ranges). Same for a few other providers such
as Hotmail. Some spammers (Yahoo) I do block.