I'm running linux debian 9.4.0 64-bit on my machine. Since I installed atom text editor, I receive an ERROR while running ap-get update. The error reads the following:
W: GPG-Fehler: https://packagecloud.io/AtomEditor/atom/any any InRelease: Die folgenden Signaturen konnten nicht überprüft werden, weil ihr öffentlicher Schlüssel nicht verfügbar ist: NO_PUBKEY 4C6E74D6C0A35108
W: The repository 'https://packagecloud.io/AtomEditor/atom/any any InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
The first line says that the signature of my PGP key could not be verified, since a PUBKEY is unavailable.
The same error message continously shows, even though I purged atom from my system.
Can someone lend me a hand with making my system being updating properly again and how to install atom without causing future problems?
Thanks in advance!
EDIT: I initially misunderstood the question and thought you wanted to completely remove Atom and the repository. In that case, the solution would be to remove the relevant entry from your /etc/apt/sources.list file (or the relevant file in etc/apt/sources.list.d, whichever exists).
Now I understand you are trying to install und update Atom without apt giving you the error message described in your question.
In that case, it seems the repository key may not be installed on your system. You can try to follow the instructions at https://packagecloud.io/app/AtomEditor/atom/gpg#gpg-apt to manually install the required GPG key. I recommend reading all the instructions on that page, but the relevant command would be curl -L https://packagecloud.io/AtomEditor/atom/gpgkey | sudo apt-key add -
Related
I'm trying to use gnome-keyring to memorize my GPG passphrase in a headless Ubuntu server (22.04.1 LTS GNU/Linux 5.15.0-57-generic x86_64). The reason I'm trying to do this with gnome-keyring and not using the gpg-agent cache is that I'd like for the GPG certificate to be immediately accessible to be used by some systemd cronjobs when I reboot my server.
I've followed the Gnome/Keyring instructions but using pinentry-gnome3 doesn't seem to work:
No Gcr System Prompter available, falling back to curses
I've also tried using pinentry-gtk-2 like it is mentioned in GnuPG instructions and although I don't get any error, the passphrase is not stored.
When doing some debugging, I've found some weird behavior. Trying to store something in my keyring gives me this error:
$ secret-tool store --label='test' foo bar
secret-tool: Cannot create an item in a locked collection
Anyone can help me? I'm also willing to drop using gnome-keyring for something else, but I haven't found anything that would fit my use case.
I recently updated my system from Ubuntu 18.04 to 20.04. Afterwards I tried to update all of my pip3 packages using the shell command mentioned here (I changed "pip" to "pip3").
After it updated a couple of packages, this prompt came up:
KDE Wallet Service
Since I never saw it while updating/installing a package, I cancelled it which resulted in an instant reopening of the same prompt and the terminal showed following warning:
WARNING: Keyring is skipped due to an exception: Failed to unlock the keyring!
I pressed CTRL+C after the same happend with the next package it tried to install. Ever since when I try to install a package the same happens.
Example:
pip3 install numpy
WARNING: Keyring is skipped due to an exception: Failed to unlock the keyring!
WARNING: Keyring is skipped due to an exception: Failed to unlock the keyring!
Collecting numpy
WARNING: Keyring is skipped due to an exception: Failed to unlock the keyring!
Using cached numpy-1.19.2-cp38-cp38-manylinux2010_x86_64.whl (14.5 MB)
Installing collected packages: numpy
WARNING: The scripts f2py, f2py3 and f2py3.8 are installed in '/home/gesuchter/.local/bin' which is not on PATH.
Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.
Successfully installed numpy-1.19.2
I already tried to fix my issue with reinstalling python3-pip.
Here are hopefully some helpful information:
pip3 --version
pip 20.0.2 from /usr/lib/python3/dist-packages/pip (python 3.8)
ls ~/.local/share/keyrings
default login.keyring user.keystore
find ~/.config/kwalletrc
find: ‘/home/gesuchter/.config/kwalletrc’: No such file or directory
This solved it for me:
python3 -m keyring --disable
Running it adds:
[backend]
default-keyring=keyring.backends.null.Keyring
to the file ~/.config/python_keyring/keyringrc.cfg.
Presumably PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring mentioned at https://stackoverflow.com/a/68504137/895245 offers an environment variable way to achieve the same result.
Without this, it would show the annoying KDE keyring popup every time I try to install a package:
Google, index this:
The KDE Wallet System
The application '/usr/lib/python3/dist-packages/pip/__main__.py' has requested to create a new wallet named 'kdewallet'. This is used to store sensitive data in a secure fashion. Please choose the new wallet's type below or click cancel to deny the application's request.
Classic, blowfish encrypted file
Use GPG encryption, for better protection
Related: https://askubuntu.com/questions/1205161/annoying-kde-wallet-service-popup-the-application-kded5-has-requested-to-open
Tested on Ubuntu 21.04, Python 3.9.5, pip3 20.3.4, keyring==22.2.0.
This issue was reported upstream, see https://github.com/pypa/pip/issues/8090 and the other issues linked from that thread.
tl;dr: new versions of pip too eagerly search keyrings for credentials that might be required to access some package downloads. If it ends up querying a keyring (such as kdewallet) which doesn't exist yet, the prompt you noticed shows up. It's not yet clear how exactly and in which release this will be fully fixed.
EDIT: Please note that stackoverflow is not the right place for bug reports: pip maintainers are unlikely to see this, and as far as I can tell it's also not really in scope for stackoverflow. It could be a question for another stackexchange community (superuser maybe?). But since you were already sure that this was a problem with pip, the best place for a report would have been any of the communication channels indicated in the README on https://github.com/pypa/pip
You can add this to your startup file
export PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring
Credit to jrd's comment on a python bug
I'm trying to force rpm to follow a given install order and it is not working as expected. The Requires clause I added is not being respected.
I am doing a bare-metal Linux installer (openSUSE 42.2-based). A whole system -- hundreds of packages -- are installed with one RPM command (using --root). I am having problems with three packages -- pam-config, pam-script, and openssh. The pam-config %post scriptlet tries to modify files contained in pam-script and openssh but is installed, by default, before them. It does not have dependencies by default, so, having the source, I rectified that by adding:
Requires: pam-script
Requires: openssh
to pam-config.spec. (I also tried Prereq: with same results.) As expected, with this change, it switches the ordering for pam-script and that error goes away. But it steadfastly refuses to change the order of installation for openssh, which is installed two packages after pam-config. [Openssh is dependent on coreutils and shadow (pwdutil), both of which are already installed at this point. It's also dependent (PreReq) on a mysterious macro, %{fillup_prereq}.]
Everything else installs (and runs) just fine, but I would like to understand better how rpm works. I thought if I used Required: to specify openssh in pam-config, that openssh would invariably be installed before pam-config. It worked for pam-script.
rpm -qp --requires on the .rpm file shows openssh. I repeated the install with the -vv option instead of -v. I can see the Requires: for openssh listed just the same as pam-script (YES (added provide)). I see a pam-config-0.91xxx -> openssh-7.2p2xxx listed under SCC #8: 11 members (100 external dependencies). I see the install of pam-config, which has no dependency information and nothing remarkable except for the %post scriptlet command that generates the error (pam-config --service sshd --delete --listfile). What other kind of things should I be looking at to debug this? What are these SCCs? Am I missing something about Requires? Or is there something obscure I may have overlooked, like circular, indirect, or hidden dependencies (I've checked for that, but ruled it out)? I've looked at several RPM tutorials and done a number of web searches and come up empty.
UPDATE: It appears that unlike pam-script, openssh is caught up in a mutual-dependency critical section. Here is the order of the packages actually being installed:
ruby2.1-rubygem-ruby-dbus-0.9.3-4.3.x86_64.rpm
pam-script-1.1.6-1.os42.gb01.x86_64.rpm
suse-module-tools-12.4-3.2.x86_64.rpm
kmod-17-6.2.x86_64.rpm
kmod-compat-17-6.2.x86_64.rpm
libcurl4-7.37.0-15.1.x86_64.rpm
pam-config-0.91-1.2.os42.gb01.x86_64.rpm
systemd-sysvinit-228-15.1.x86_64.rpm
krb5-1.12.5-5.13.x86_64.rpm
openssh-7.2p2-6.1.SBC.os42.gb01.x86_64.rpm
dracut-044-12.1.x86_64.rpm
systemd-228-15.1.x86_64.rpm
If I stage an installation on a production system and stop just before pam-config, it complains about being dependent on krb5, which is in the future! If I stop at ruby, it works. If I stop at pam-script, it works. If I stop at suse-module-tools, it complains about dependencies on dracut. So I'm wondering if RPM abandons its ordering principle within a mutual-dependency critical section, or if there is a dependency I haven't uncovered yet. I am using rpm -q --requires and rpm -q --provides to work this out. Stay tuned.
You can add more explicit sub-fields to the Requires tag, e.g. Requires(post): openssh-server or Requires(pre,post): openssh-server.
A single RPM transaction isn't really atomic, but is treated that way. Without this additional information, it just ensures that the packages are installed by the end of this transaction, which is "good enough" most of the time.
Another option is to put the required configuration into a %triggerin stanza, which I believe only executes once both packages are installed.
ok this might be a stupid question and this is because centos is not part of my "strong points list" but i am trying to install mongodb and mongodb-server
i followed the steps found here
a link!
they missed a step ... what happens if after centos downloads the packages ... it tells me that they are not signed
i also tried importing this gpg key (as a last desperate attempt before coming here)
a link!
so how do i get pass this? :(
thanks,
Rares
This is what worked for me to ignore "package not signed" message:
yum install --nogpgcheck <your-package-name>
Changing gpgcheck to 0 in /etc/yum.conf didn't help. Security warning: you should use this option ONLY if you trust the installation sources.
You are correct, the package is not signed. It is planned to be done in the future, and the relevant tracking ticket for the implementation of signing is SERVER-8770 (for watching and voting purposes) but there is no definite timeframe for implementation as of writing this response.
Hence, you must install with gpgcheck=0 for the time being as noted on the page you linked to: Install MongoDB on Redhat/CentOS/Fedora
I've got this post installation script I made for users of Linux Mint 14 (and also usable on Ubuntu 12.10) and now I'm testing it for Linux Mint 15 and the 'echo -ne "\n" | sudo add-apt-repository ppa:some-ppa-to-add' command isn't working on Linux Mint 15, but still works on Mint 14. I want to update this script for the new version of Linux Mint.
Here's a link to my post install scipt: The Minty Developer
The output for Mint 14 looks like this:
$ echo -ne "\n" | sudo add-apt-repository ppa:apt-fast/stable
You are about to add the following PPA to your system:
This PPA contains tested (stable) builds of apt-fast.
More info: https://launchpad.net/~apt-fast/+archive/stable
gpg: keyring `/tmp/tmpddxueh/secring.gpg' created
gpg: requesting key CA8DA16B from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpddxueh/trustdb.gpg: trustdb created
gpg: key CA8DA16B: public key "Launchpad PPA for apt-fast" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
OK
And here's the output on Mint 15:
$ echo -ne "\n" | sudo add-apt-repository ppa:apt-fast/stable
You are about to add the following PPA to your system:
This PPA contains tested (stable) builds of apt-fast.
More info: https://launchpad.net/~apt-fast/+archive/stable
And that's it. Nothing happens.
I've also tested doing just echo | ppa:some-ppa-to-add and it's the same results.
Can anyone help me figure out how to make this line of code/command work so that the script can be updated for those interested in using it with a new version of their system?
Thank you.
You could use add-apt-repository --yes but you are overriding a system-wide security policy by answering that question.
You don't say who the user is; I would be annoyed if your script did that for me, but I'm not a typical end-user. I just looked at your script, and it is conversational enough generally. If it said something like
I'm going to add these packages from reasonably trustworthy sources and set them up so they will automatically update, etc., etc.
it would be more polite.
Added
There is an undocumented feature in add-apt-repository which allows you to override the question programmatically:
if (sys.stdin.isatty() and
not "FORCE_ADD_APT_REPOSITORY" in os.environ):
if options.remove:
print(_("Press [ENTER] to continue or ctrl-c to cancel removing it"))
else:
print(_("Press [ENTER] to continue or ctrl-c to cancel adding it"))
sys.stdin.readline()
Thus the bash sequence
export FORCE_ADD_APT_REPOSITORY=force
sudo add-apt-repository ppa:webupd8team/sublime-text-2
sudo add-apt-repository ...
should stop the questions. It will still show the noise
You are about to add the following PPA to your system:
Sublime Text 2 packages - the .deb will automatically download the
latest build from http://www.sublimetext.com/dev or beta from
http://www.sublimetext.com/2 (Adobe Flash Player installer - style).
More info and feedback:
http://www.webupd8.org/2011/03/sublime-text-2-ubuntu-ppa.html
http://www.webupd8.org/2012/03/sublime-text-2-ppa-separate-development.html
More info: https://launchpad.net/~webupd8team/+archive/sublime-text-2
but that is put on stdout so should be able to be sent to > /dev/null with errors still appearing on stderr.