Damn Small Linux Forums Damn Small Linux Forum User Feedback v
Issues prevent updates

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode
Issues prevent updates
jcoles Offline
Junior Member
**
Posts: 2
Threads: 2
Joined: May 2024
Reputation: 0
#1
05-24-2024, 05:19 PM
Attempts to do the first update after install (rc4) ends in failure. Is this a problem at my end? 
I have used various Debian-based Linux distros over the years, and usually apt or apt-get just works.
It looks like a problem at the repo end (I wouldn't be "signing" their repo, would I?) Is this just a matter of waiting?

sudo apt-get update
Hit:1 http://security.debian.org bookworm-security InRelease
Hit:2 http://deb.debian.org/debian bookworm-backports InRelease                                             
Hit:3 http://ftp.us.debian.org/debian bookworm-updates InRelease                                           
Get:4 http://la.mxrepo.com/antix/bookworm bookworm InRelease [27.4 kB]                 
Hit:5 http://ftp.de.debian.org/debian bookworm InRelease
Err:4 http://la.mxrepo.com/antix/bookworm bookworm InRelease
  The following signatures were invalid: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
Reading package lists... Done
W: GPG error: http://la.mxrepo.com/antix/bookworm bookworm InRelease: The following signatures were invalid: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Find
Reply
Yan Offline
Member
***
Posts: 50
Threads: 5
Joined: Feb 2024
Reputation: 3
#2
05-24-2024, 05:55 PM
There's a long thread here and a suggested solution (which I haven't tried) at the very end (page 7).

It's not clear to me who's to blame, if anyone. As you say, apt and apt-get usually just work. The worst that can happen is that apt will ignore the repo, so it's safe to proceed anyway.
Find
Reply
Nathan Offline
Junior Member
**
Posts: 12
Threads: 1
Joined: May 2024
Reputation: 0
#3
05-24-2024, 07:09 PM (This post was last modified: 05-24-2024, 07:24 PM by Nathan.)
All that's happening here is that APT is doing some basic signature checking and refusing to update from an unsigned repository.

Note that, from your output:

Quote:E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.


This would seem to suggest that the repository itself is not signed and you may need to tinker with the settings for apt. But you might just need to replace the key with a fresh copy.

Another potential possibility is that they have update their signing key and your install media has an out of date key.

I believe the message prefix signify the following: W - Warning, E - Error, and N - Note.

P.S.

Just did a little digging for the sake of curiosity:

InRelease package list with in-line GPG signing
Release package list without GPG signing, which means you'd need to also pickup the corresponding Release.gpg to do the signature check.'

https://unix.stackexchange.com/questions...e-refer-to
https://wiki.debian.org/DebianRepository/Format
Find
Reply
loonst Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: May 2024
Reputation: 0
#4
05-25-2024, 08:09 AM
how about Expired GPG Key?
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)