Package Details: debianutils 5.20-1

Git Clone URL: https://aur.archlinux.org/debianutils.git (read-only, click to copy)
Package Base: debianutils
Description: Miscellaneous utilities specific to Debian
Upstream URL: https://tracker.debian.org/pkg/debianutils
Licenses: GPL
Submitter: sanerb
Maintainer: javmorin (sanerb)
Last Packager: javmorin
Votes: 7
Popularity: 0.000000
First Submitted: 2015-08-25 00:00 (UTC)
Last Updated: 2024-09-18 18:38 (UTC)

Pinned Comments

sanerb commented on 2016-06-26 04:31 (UTC) (edited on 2017-09-01 22:44 (UTC) by sanerb)

Please note the following additions: # Bug reports can be filed at https://bugs.square-r00t.net/index.php?project=3 # News updates for packages can be followed at https://devblog.square-r00t.net (If you want an RSS-feed only pertaining to my AUR packages, you can subscribe to https://devblog.square-r00t.net/rss/?category=aur in your favourite RSS reader.) Note that you should still use the AUR web interface for flagging packages as out-of-date if a new version is released; the aforementioned bug tracker is to aid in issues with building/packaging/the PKGBUILD formats/etc. specifically. GPG signature "errors" are explained here: https://devblog.square-r00t.net/articles/a-note-on-using-gpg-signatures-in-pkgbuilds Please read; it's not a bug. Thanks!

Latest Comments

« First ‹ Previous 1 2 3 Next › Last »

sanerb commented on 2019-01-19 20:18 (UTC)

@Quyet see pinned comment.

Quyet commented on 2019-01-19 05:55 (UTC)

I got this error while building: Verifying source file signatures with gpg... debianutils_4.8.6.tar.xz ... FAILED (unknown public key 8C004C2F93481F6B) ==> ERROR: One or more PGP signatures could not be verified!

sanerb commented on 2018-06-29 13:12 (UTC)

@dreieck-

thanks! for some reason i was never alerted to new versions, either. so:

  • source url fixed (the url= param was checked and works)
  • updated to 4.8.6

dreieck commented on 2018-06-29 09:55 (UTC) (edited on 2018-06-29 09:57 (UTC) by dreieck)

It cannot download the source anymore. ftp.debian.org has to be changed to http.debian.net (two things: 1. debian.org changed to debian.net, 2. ftp.debian.<tld> needs to be changed to http.debian.<tld>).

Error message:

==> Retrieving sources...
  -> Downloading debianutils_4.8.1.1.tar.xz...
--2018-06-29 11:47:22--  <http://ftp.debian.org/debian/pool/main/d/debianutils/debianutils_4.8.1.1.tar.xz>
Resolving ftp.debian.org (ftp.debian.org)... failed: Connection timed out.
wget: unable to resolve host address ‘ftp.debian.org’
==> ERROR: Failure while downloading <http://ftp.debian.org/debian/pool/main/d/debianutils/debianutils_4.8.1.1.tar.xz>
    Aborting...

After correcting the source entry, download works.

Please, also check and correct the url=-entry.

Please correct in your AUR package.

sanerb commented on 2017-04-17 21:52 (UTC)

@hawkeye- see 2016-06-03 comment. more information: https://devblog.square-r00t.net/articles/a-note-on-using-gpg-signatures-in-pkgbuilds

hawkeye116477 commented on 2017-04-17 19:31 (UTC)

PGP Error

sanerb commented on 2016-12-02 03:12 (UTC)

@miqueldvb- Thanks! Updated and pushed.

gypaetus commented on 2016-12-01 22:39 (UTC)

=> ERROR: Failure while downloading http://ftp.debian.org/debian/pool/main/d/debianutils/debianutils_4.8.tar.xz Aborting... It looks like version 4.8.1 is out

markzz commented on 2016-09-08 11:12 (UTC) (edited on 2016-09-08 11:14 (UTC) by markzz)

sanerb: I am not miguided, there is no reason to validate your signature on software you are not a part of upstream. If upstream is signing their packages you should use their signature files and it's absolutely no different to add their keys to my own personal keyring (because makepkg doesn't touch pacman's keyring) than it is to use yours. The point of validating signatures is another validation on top of checksums and to verify you're getting what upsteam is intending you to get which using yours means YOU could apply a patch and we could be using something not by the Debian developers. I do not know of any other source packages here (other than perhaps yours) on the AUR that do what you're doing and I will probably bring this up on aur-general and get a TU's opinion. As for the Arch Linux repositories (core, extra, ...), those are binary packages being signed and are irrelevant. I would also like you to look at packages in the ABS, (install abs package and run abs as root) and note that the Arch Linux developers and TUs do not sign source tars in the source packages.

sanerb commented on 2016-09-04 22:45 (UTC) (edited on 2016-09-04 22:56 (UTC) by sanerb)

@markzz I think you may be misguided. Arch packages in non-AUR, Arch-supplied repositories are signed- by the packager/maintainer. More and more AUR maintainers are doing the same with their own signatures. Some projects do provide upstream signatures, sure- but it's just as unlikely you'd have the Debian maintainers' pubkeys in your keyring as it is you have mine. (Because otherwise a Base install would have to install the pubkeys for ALL those upstream sigs instead of just the TU's et. al. into pacman's/the system's keyring. And they most certainly do not do that.) The point of signatures in PKGBUILDs is to verify against the packager/maintainers, I'd argue, for the AUR as we have no binary package to distribute. No need to go lambasting this, as I very clearly provide[0] further information on the usability aspect. However, if you disagree, I'd ask why you find it acceptable that Arch maintainers provide signatures of their own rather than upstream, and why this is unacceptable for the AUR. (edited for clarity) [0] https://devblog.square-r00t.net/articles/a-note-on-using-gpg-signatures-in-pkgbuilds

« First ‹ Previous 1 2 3 Next › Last »