Hello,
Thanks for your help.
I have some difference between the /var/lib/apt/lists of the problematic server and a fresh one.
The problematic server :The fresh server (without problem) :The output of LANG="C" apt -o "Debug::Acquire::gpgv=1" -o "Dir::Etc::TrustedParts=/usr/share/keyrings/" -o "Dir::Etc::Trusted=/dev/null" update :It seems to work. Do you specify a trusted key directory in order to make the apt update working into this command ?
I also try to install sendmail with apt, it work !
The output of for SIGN in "${SIGNED[@]}"; do echo -e "\n>>> $SIGN $EUID"; LANG="C" gpgv -v "${KEYS[@]}" "$SIGN"; echo "$?"; done :
Thanks for your help.
I have some difference between the /var/lib/apt/lists of the problematic server and a fresh one.
The problematic server :
Code:
/var/lib/apt/lists:total 100620drwxr-xr-x 4 root sudo 4096 Feb 12 16:36 .drwxr-xr-x 5 root sudo 4096 Jan 24 10:22 ..drwxr-xr-x 2 _apt root 4096 Nov 7 11:07 auxfiles-rw-r--r-- 1 root root 151082 Feb 10 12:17 ftp.u-strasbg.fr_debian_dists_bookworm_InRelease-rw-r--r-- 1 root root 49974557 Feb 10 10:44 ftp.u-strasbg.fr_debian_dists_bookworm_main_binary-amd64_Packages-rw-r--r-- 1 root root 6949579 Jun 9 2023 ftp.u-strasbg.fr_debian_dists_bookworm_main_dep11_Components-amd64.yml.gz-rw-r--r-- 1 root root 32676603 Feb 10 10:44 ftp.u-strasbg.fr_debian_dists_bookworm_main_i18n_Translation-en-rw-r--r-- 1 root root 13260065 Jun 2 2023 ftp.u-strasbg.fr_debian_dists_bookworm_main_i18n_Translation-fr-rw-rw---- 1 root sudo 0 Nov 7 11:07 lockdrwx------ 2 _apt root 4096 Feb 14 17:58 partial/var/lib/apt/lists/auxfiles:total 8drwxr-xr-x 2 _apt root 4096 Nov 7 11:07 .drwxr-xr-x 4 root sudo 4096 Feb 12 16:36 ../var/lib/apt/lists/partial:total 420drwx------ 2 _apt root 4096 Feb 14 17:58 .drwxr-xr-x 4 root sudo 4096 Feb 12 16:36 ..-rw-r--r-- 1 root root 47951 Feb 14 08:57 deb.debian.org_debian-security_dists_bookworm-security_InRelease-rw-r--r-- 1 root root 56452 Feb 14 15:17 deb.debian.org_debian_dists_bookworm-backports_InRelease-rw-r--r-- 1 root root 59490 Feb 14 15:17 deb.debian.org_debian_dists_bookworm-proposed-updates_InRelease-rw-r--r-- 1 root root 52105 Feb 14 15:17 deb.debian.org_debian_dists_bookworm-updates_InRelease-rw-r--r-- 1 root root 151082 Feb 10 12:17 deb.debian.org_debian_dists_bookworm_InRelease-rw-r--r-- 1 root root 47951 Feb 14 08:57 security.debian.org_debian-security_dists_bookworm-security_InRelease
Code:
/var/lib/apt/lists:total 146960drwxr-xr-x 4 root root 4096 Feb 14 16:17 .drwxr-xr-x 5 root root 4096 Feb 2 09:27 ..drwxr-xr-x 2 _apt root 4096 Jan 24 12:15 auxfiles-rw-r--r-- 1 root root 52105 Feb 14 15:17 deb.debian.org_debian_dists_bookworm-updates_InRelease-rw-r--r-- 1 root root 66998 Dec 29 14:58 deb.debian.org_debian_dists_bookworm-updates_main_binary-amd64_Packages-rw-r--r-- 1 root root 83585 Dec 29 14:58 deb.debian.org_debian_dists_bookworm-updates_main_i18n_Translation-en-rw-r--r-- 1 root root 331226 Dec 29 14:58 deb.debian.org_debian_dists_bookworm-updates_main_source_Sources-rw-r--r-- 1 root root 151082 Feb 10 12:17 deb.debian.org_debian_dists_bookworm_InRelease-rw-r--r-- 1 root root 49974557 Feb 10 10:44 deb.debian.org_debian_dists_bookworm_main_binary-amd64_Packages-rw-r--r-- 1 root root 32676603 Feb 10 10:44 deb.debian.org_debian_dists_bookworm_main_i18n_Translation-en-rw-r--r-- 1 root root 13260065 Jun 2 2023 deb.debian.org_debian_dists_bookworm_main_i18n_Translation-fr-rw-r--r-- 1 root root 50836717 Feb 10 10:44 deb.debian.org_debian_dists_bookworm_main_source_Sources-rw-r--r-- 1 root root 27152 Dec 9 09:42 deb.debian.org_debian_dists_bookworm_non-free-firmware_binary-amd64_Packages-rw-r--r-- 1 root root 156926 Oct 7 10:45 deb.debian.org_debian_dists_bookworm_non-free-firmware_i18n_Translation-en-rw-r--r-- 1 root root 28930 Dec 9 09:42 deb.debian.org_debian_dists_bookworm_non-free-firmware_source_Sources-rw-r----- 1 root root 0 Jan 24 12:15 lockdrwx------ 2 _apt root 4096 Feb 14 16:17 partial-rw-r--r-- 1 root root 47951 Feb 14 08:57 security.debian.org_debian-security_dists_bookworm-security_InRelease-rw-r--r-- 1 root root 859837 Feb 14 08:57 security.debian.org_debian-security_dists_bookworm-security_main_binary-amd64_Packages-rw-r--r-- 1 root root 633131 Feb 14 07:43 security.debian.org_debian-security_dists_bookworm-security_main_i18n_Translation-en-rw-r--r-- 1 root root 1244870 Feb 14 08:57 security.debian.org_debian-security_dists_bookworm-security_main_source_Sources-rw-r--r-- 1 root root 1300 Nov 23 16:43 security.debian.org_debian-security_dists_bookworm-security_non-free-firmware_binary-amd64_Packages-rw-r--r-- 1 root root 924 Sep 24 18:52 security.debian.org_debian-security_dists_bookworm-security_non-free-firmware_i18n_Translation-en-rw-r--r-- 1 root root 1839 Nov 23 16:43 security.debian.org_debian-security_dists_bookworm-security_non-free-firmware_source_Sources
Code:
root@deb12fnccrecodeau:~# LANG="C" apt -o "Debug::Acquire::gpgv=1" -o "Dir::Etc::TrustedParts=/usr/share/keyrings/" -o "Dir::Etc::Trusted=/dev/null" updateHit:1 http://security.debian.org/debian-security bookworm-security InReleaseHit:2 http://deb.debian.org/debian bookworm InRelease0% [Waiting for headers]inside VerifyGetSignersHit:3 http://deb.debian.org/debian bookworm-updates InRelease0% [Working]Preparing to exec: /usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.Rt4Hv8 /tmp/apt.data.K1SZ82Read: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED AC530D520F2F3269F5E98313A48449044AAD5C5D 0Read: [GNUPG:] SIG_ID gbrgWwIbaPdnKETWhPrwoPUup28 2024-02-14 1707940633Read: [GNUPG:] KEY_CONSIDERED AC530D520F2F3269F5E98313A48449044AAD5C5D 0Read: [GNUPG:] GOODSIG 54404762BBB6E853 Debian Security Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>Got GOODSIG 54404762BBB6E853 !Read: [GNUPG:] VALIDSIG ED541312A33F1128F10B1C6C54404762BBB6E853 2024-02-14 1707940633 0 4 0 1 8 01 AC530D520F2F3269F5E98313A48449044AAD5C5DGot trusted VALIDSIG, key ID: ED541312A33F1128F10B1C6C54404762BBB6E853Read: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED 05AB90340C0C5E797F44A8C8254CF3B5AEC0A8F0 0Read: [GNUPG:] SIG_ID 2Uw70BoPZE4Z1SlKDOwwvsP+92U 2024-02-14 1707940633Read: [GNUPG:] KEY_CONSIDERED 05AB90340C0C5E797F44A8C8254CF3B5AEC0A8F0 0Read: [GNUPG:] GOODSIG BDE6D2B9216EC7A8 Debian Security Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>Got GOODSIG BDE6D2B9216EC7A8 !Read: [GNUPG:] VALIDSIG B0CAB9266E8C3929798B3EEEBDE6D2B9216EC7A8 2024-02-14 1707940633 0 4 0 1 8 01 05AB90340C0C5E797F44A8C8254CF3B5AEC0A8F0Got trusted VALIDSIG, key ID: B0CAB9266E8C3929798B3EEEBDE6D2B9216EC7A8gpgv exited with status 0Summary: Good: GOODSIG 54404762BBB6E853, GOODSIG BDE6D2B9216EC7A8 Valid: ED541312A33F1128F10B1C6C54404762BBB6E853, B0CAB9266E8C3929798B3EEEBDE6D2B9216EC7A8 Bad: Worthless: SoonWorthless: NoPubKey: Signed-By: 05AB90340C0C5E797F44A8C8254CF3B5AEC0A8F0, AC530D520F2F3269F5E98313A48449044AAD5C5D, B0CAB9266E8C3929798B3EEEBDE6D2B9216EC7A8!, ED541312A33F1128F10B1C6C54404762BBB6E853! NODATA: noapt-key succeeded0% [Working]inside VerifyGetSignersPreparing to exec: /usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.7COOXc /tmp/apt.data.FcDFfYRead: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED 1F89983E0081FDE018F3CC9673A4F27B8DD47936 0Read: [GNUPG:] SIG_ID ptoid1L2K242g7wPjGKpViOtcDw 2024-02-10 1707563291Read: [GNUPG:] KEY_CONSIDERED 1F89983E0081FDE018F3CC9673A4F27B8DD47936 0Read: [GNUPG:] GOODSIG 0E98404D386FA1D9 Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>Got GOODSIG 0E98404D386FA1D9 !Read: [GNUPG:] VALIDSIG A7236886F3CCCAAD148A27F80E98404D386FA1D9 2024-02-10 1707563291 0 4 0 1 8 01 1F89983E0081FDE018F3CC9673A4F27B8DD47936Got trusted VALIDSIG, key ID: A7236886F3CCCAAD148A27F80E98404D386FA1D9Read: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 0Read: [GNUPG:] SIG_ID kRbOT3wdTYDBEIGySDy9W9CEWyw 2024-02-10 1707563292Read: [GNUPG:] KEY_CONSIDERED B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 0Read: [GNUPG:] GOODSIG 6ED0E7B82643E131 Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>Got GOODSIG 6ED0E7B82643E131 !Read: [GNUPG:] VALIDSIG 4CB50190207B4758A3F73A796ED0E7B82643E131 2024-02-10 1707563292 0 4 0 1 8 01 B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8Got trusted VALIDSIG, key ID: 4CB50190207B4758A3F73A796ED0E7B82643E131Read: [GNUPG:] NEWSIG debian-release@lists.debian.orgRead: [GNUPG:] KEY_CONSIDERED 4D64FEC119C2029067D6E791F8D2585B8783D481 0Read: [GNUPG:] SIG_ID n4r33ICGbLrsLd1wZLzVh1WMgLc 2024-02-10 1707563362Read: [GNUPG:] KEY_CONSIDERED 4D64FEC119C2029067D6E791F8D2585B8783D481 0Read: [GNUPG:] GOODSIG F8D2585B8783D481 Debian Stable Release Key (12/bookworm) <debian-release@lists.debian.org>Got GOODSIG F8D2585B8783D481 !Read: [GNUPG:] VALIDSIG 4D64FEC119C2029067D6E791F8D2585B8783D481 2024-02-10 1707563362 0 4 0 22 8 01 4D64FEC119C2029067D6E791F8D2585B8783D481Got trusted VALIDSIG, key ID: 4D64FEC119C2029067D6E791F8D2585B8783D481gpgv exited with status 0Summary: Good: GOODSIG 0E98404D386FA1D9, GOODSIG 6ED0E7B82643E131, GOODSIG F8D2585B8783D481 Valid: A7236886F3CCCAAD148A27F80E98404D386FA1D9, 4CB50190207B4758A3F73A796ED0E7B82643E131, 4D64FEC119C2029067D6E791F8D2585B8783D481 Bad: Worthless: SoonWorthless: NoPubKey: Signed-By: 1F89983E0081FDE018F3CC9673A4F27B8DD47936, 4CB50190207B4758A3F73A796ED0E7B82643E131!, 4D64FEC119C2029067D6E791F8D2585B8783D481!, A7236886F3CCCAAD148A27F80E98404D386FA1D9!, B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 NODATA: noapt-key succeeded0% [Working]inside VerifyGetSignersPreparing to exec: /usr/bin/apt-key --quiet --readonly verify --status-fd 3 /tmp/apt.sig.sv0WHb /tmp/apt.data.pL9RQsRead: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED 1F89983E0081FDE018F3CC9673A4F27B8DD47936 0Read: [GNUPG:] SIG_ID K92eM/BcjCUZ05Q7tfw+eT+q+B8 2024-02-15 1708006914Read: [GNUPG:] KEY_CONSIDERED 1F89983E0081FDE018F3CC9673A4F27B8DD47936 0Read: [GNUPG:] GOODSIG 0E98404D386FA1D9 Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>Got GOODSIG 0E98404D386FA1D9 !Read: [GNUPG:] VALIDSIG A7236886F3CCCAAD148A27F80E98404D386FA1D9 2024-02-15 1708006914 0 4 0 1 8 01 1F89983E0081FDE018F3CC9673A4F27B8DD47936Got trusted VALIDSIG, key ID: A7236886F3CCCAAD148A27F80E98404D386FA1D9Read: [GNUPG:] NEWSIGRead: [GNUPG:] KEY_CONSIDERED B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 0Read: [GNUPG:] SIG_ID 5/kP94nKZfJpmWtUqXza6aykcr0 2024-02-15 1708006955Read: [GNUPG:] KEY_CONSIDERED B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 0Read: [GNUPG:] GOODSIG 6ED0E7B82643E131 Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>Got GOODSIG 6ED0E7B82643E131 !Read: [GNUPG:] VALIDSIG 4CB50190207B4758A3F73A796ED0E7B82643E131 2024-02-15 1708006955 0 4 0 1 8 01 B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8Got trusted VALIDSIG, key ID: 4CB50190207B4758A3F73A796ED0E7B82643E131gpgv exited with status 0Summary: Good: GOODSIG 0E98404D386FA1D9, GOODSIG 6ED0E7B82643E131 Valid: A7236886F3CCCAAD148A27F80E98404D386FA1D9, 4CB50190207B4758A3F73A796ED0E7B82643E131 Bad: Worthless: SoonWorthless: NoPubKey: Signed-By: 1F89983E0081FDE018F3CC9673A4F27B8DD47936, 4CB50190207B4758A3F73A796ED0E7B82643E131!, A7236886F3CCCAAD148A27F80E98404D386FA1D9!, B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8 NODATA: noapt-key succeededReading package lists... DoneBuilding dependency tree... DoneReading state information... Done60 packages can be upgraded. Run 'apt list --upgradable' to see them.
I also try to install sendmail with apt, it work !
The output of for SIGN in "${SIGNED[@]}"; do echo -e "\n>>> $SIGN $EUID"; LANG="C" gpgv -v "${KEYS[@]}" "$SIGN"; echo "$?"; done :
Code:
root@deb12fnccrecodeau:~# for SIGN in "${SIGNED[@]}"; do echo -e "\n>>> $SIGN $EUID"; LANG="C" gpgv -v "${KEYS[@]}" "$SIGN"; echo "$?"; done>>> /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm_InRelease 0gpgv: armor header: Hash: SHA256gpgv: original file name=''gpgv: Signature made Sat Feb 10 12:08:11 2024 CETgpgv: using RSA key A7236886F3CCCAAD148A27F80E98404D386FA1D9gpgv: using subkey 0E98404D386FA1D9 instead of primary key 73A4F27B8DD47936gpgv: using subkey 0E98404D386FA1D9 instead of primary key 73A4F27B8DD47936gpgv: Good signature from "Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa4096gpgv: Signature made Sat Feb 10 12:08:12 2024 CETgpgv: using RSA key 4CB50190207B4758A3F73A796ED0E7B82643E131gpgv: using subkey 6ED0E7B82643E131 instead of primary key B7C5D7D6350947F8gpgv: using subkey 6ED0E7B82643E131 instead of primary key B7C5D7D6350947F8gpgv: Good signature from "Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa4096gpgv: Signature made Sat Feb 10 12:09:22 2024 CETgpgv: using EDDSA key 4D64FEC119C2029067D6E791F8D2585B8783D481gpgv: issuer "debian-release@lists.debian.org"gpgv: Good signature from "Debian Stable Release Key (12/bookworm) <debian-release@lists.debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm ed255190>>> /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm-updates_InRelease 0gpgv: armor header: Hash: SHA256gpgv: original file name=''gpgv: Signature made Thu Feb 15 15:21:54 2024 CETgpgv: using RSA key A7236886F3CCCAAD148A27F80E98404D386FA1D9gpgv: using subkey 0E98404D386FA1D9 instead of primary key 73A4F27B8DD47936gpgv: using subkey 0E98404D386FA1D9 instead of primary key 73A4F27B8DD47936gpgv: Good signature from "Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa4096gpgv: Signature made Thu Feb 15 15:22:35 2024 CETgpgv: using RSA key 4CB50190207B4758A3F73A796ED0E7B82643E131gpgv: using subkey 6ED0E7B82643E131 instead of primary key B7C5D7D6350947F8gpgv: using subkey 6ED0E7B82643E131 instead of primary key B7C5D7D6350947F8gpgv: Good signature from "Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa40960>>> /var/lib/apt/lists/security.debian.org_debian-security_dists_bookworm-security_InRelease 0gpgv: armor header: Hash: SHA256gpgv: original file name=''gpgv: Signature made Wed Feb 14 20:57:13 2024 CETgpgv: using RSA key ED541312A33F1128F10B1C6C54404762BBB6E853gpgv: using subkey 54404762BBB6E853 instead of primary key A48449044AAD5C5Dgpgv: using subkey 54404762BBB6E853 instead of primary key A48449044AAD5C5Dgpgv: Good signature from "Debian Security Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa4096gpgv: Signature made Wed Feb 14 20:57:13 2024 CETgpgv: using RSA key B0CAB9266E8C3929798B3EEEBDE6D2B9216EC7A8gpgv: using subkey BDE6D2B9216EC7A8 instead of primary key 254CF3B5AEC0A8F0gpgv: using subkey BDE6D2B9216EC7A8 instead of primary key 254CF3B5AEC0A8F0gpgv: Good signature from "Debian Security Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>"gpgv: textmode signature, digest algorithm SHA256, key algorithm rsa40960
Statistics: Posted by Probzx — 2024-02-15 15:18 — Replies 34 — Views 1269