Debian and Raspbian Packaging change

Mark Grant m.grant.prg at gmail.com
Fri Feb 4 01:36:30 PST 2022 


This concerns those consuming GIP Debian and Raspbian packages from my
openSUSE Build Service (OBS) repo.

Old Issue
=========
Last year the repo signing key held locally after downloading a GIP
package expired causing update and upgrade problems. The original
communication is here [1].

Solution
========
I do not 'own' the key, I cannot set it to not expire, I can only
extend the expiration date. The issue then becomes, how to update local
copies of the key. The solution selected is to package the key itself
and set the GIP package to depend on the keyring package.

This solution is queued up and ready to be published to the repos. This
solution does require one-off manual intervention. I shall publish the
packages on Sunday morning giving affected people a chance to read the
following instructions.

Instructions
============
As this solution changes the dependencies of the GIP package the
changes will not be installed / upgraded by a sudo apt-get upgrade, the
package will be held back.

root at test1:/# sudo apt-get upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  get-iplayer
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.


The command to perform the upgrade will be


root at test1:/# sudo apt-get update
root at test1:/# sudo apt-get --with-new-pkgs upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
  mgrant-obs-deb-keyring
The following packages will be upgraded:
  get-iplayer
1 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 149 kB/166 kB of archives.
After this operation, 34.8 kB of additional disk space will be used.
Do you want to continue? [Y/n] 

The above command will show a new package to be installed called
mgrant-obs-deb-keyring. If other packages are shown then this means
that other unrelated packages have changed dependencies that are due to
be installed. If you do not want them to be installed then answer no
and as an alternative enter

sudo apt-get install mgrant-obs-deb-keyring

Whichever route is taken the package will want to update the
pre-existing keyring file which it did not install. Under these
conditions APT will discover this and ask the following question

Configuration file '/etc/apt/trusted.gpg.d/home_m-grant-prg.gpg'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.  
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** home_m-grant-prg.gpg (Y/I/N/O/D/Z) [default=N] ?

Please answer Y or I to install the new file.

That should conclude this process.

Future
======
Currently I expect to extend the key and re-package once a year in
January. Once I have published the package it should upgrade with a
normal sudo apt-get upgrade


Regards,
Mark



References
==========
[1]
https://lists.infradead.org/pipermail/get_iplayer/2021-March/011993.html

More information about the get_iplayer mailing list