apt-update - The repository is not signed

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

apt-update - The repository is not signed

9,636 次查看
fpasino
Contributor I

Hi,

I cannot update the list of available packages and therefore cannot install new packages on a i.MX 8M Nano EVK board. I use Linux version 5.10.72 installed on eMMC (imx-image-full-imx8mnevk.wic found here).

Here the output of cat /etc/apt/sources.list.d/debian-10.list :

deb http://ftp.debian.org/debian buster main contrib non-free
deb http://ftp.debian.org/debian buster-updates main contrib non-free

 

Attached is the sudo apt update log.

Thank you in advance.

0 项奖励
回复
8 回复数

9,265 次查看
mariemkort
Contributor I

any solution for this issue please? , I want to install  some deb packages , so i added the sources.list file to /etc/apt but the update fails for the reason of gpg, gpgv .. not installed . can someone help me

0 项奖励
回复

9,608 次查看
karl1688
Contributor II

Hi Fpasino

I have tested on iMX8M Nano refer to https://askubuntu.com/questions/732985/force-update-from-unsigned-repository

apt update --allow-insecure-repositories

0 项奖励
回复

9,564 次查看
Harvey021
NXP TechSupport
NXP TechSupport

You can have a try that @karl1688 provides. As we have enhanced the security certificate of the debian10 repo. So for no harmful to your system, we recommend to build a internal package repo, and then create a sources.list.

 

Best regards

Harvey

0 项奖励
回复

9,595 次查看
fpasino
Contributor I

I had already tried this way, but without success. I attach the two outputs. 

I have also tried to exclude problematic packages during the upgrade, but this causes a corruption of the operating system, which can no longer boot up.

0 项奖励
回复

9,586 次查看
karl1688
Contributor II

I confirm that source.list in /etc/apt/sources.list.d/debian-10.list isn't a problem to fix this. As you can see output from 'apt update', warning messages are pointing to gpgv gpgv1 gpgv2 GNU Privacy Guard.

After installing some debian packages 'apt update' output change to no public key, refer to attachment.

Err:1 http://security.debian.org buster/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 112695A0E562B32A NO_PUBKEY 54404762BBB6E853

 

GNU Privacy Guard on my iMX8MN

root@imx8mn-ddr4-evk:~# gpgv --version
gpgv (GnuPG) 2.2.27
libgcrypt 1.8.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

0 项奖励
回复

9,573 次查看
karl1688
Contributor II

Hi Fpasino

I attach everything in debian_pkgs.zip in the meantime share 'apt update logs' in attached.

You can start with installing 'dpkg -i gpgv_2.2.27-2~bpo10+1_arm64.deb', if any dependency problem occur you might look for then(.deb) in zip.

And if you have load library issue because PATH is missing, then you might export PATH by following example in ld_path.txt in zip

Finally NO_PUBLIC keys issue you can fix it by following example in apgv.txt in zip

Hope this helps,

 

7,822 次查看
Jeffy
Contributor I

Hi Karl1688

when we make a yocto build, the images will be under /tmp/deploy/images/imx/ . Where should we add the debian packages ..gpgv_2.2.27*.deb under debian_pkgs.zip (is it under /tmp/deploy/deb/imx7).

I still get same warning as GPG error: gpgv, gpgv2 or gpgv1 required for verification, but neither seems installed

what should i do

0 项奖励
回复

9,616 次查看
Harvey021
NXP TechSupport
NXP TechSupport

Hello fpasino,

The debian-10.list is just a demo. Please have a try to touch sources.list under /etc/apt/, and then modify it as required. 

Please let me know if you have any further question.

 

Best regards

Harvey

 

0 项奖励
回复