Univention Bugzilla – Bug 40861
univention-app install accepts unsigned packages
Last modified: 2016-04-13 15:00:16 CEST
univention-app seems to not check for unsigned packages. This should be fixed.
univention-app install owncloud82=8.2.2
# add omar:build2 repo, assuming there are unsigned updates
univention-app upgrade owncloud82
The apt-get options have been adjusted (compare ucr get update/commands/install).
When reproducing as in Comment 0, the fix seems to be insufficient. It will actually upgrade owncloud82 but then all of a sudden cancel the upgrade because it found unsigned packages.
This special case is indeed a bit unsatisfying. But keep in mind that this should not really affect the App.
Upgrade is done by
(1) apt-get install $default_packages
(2) apt-get dist-upgrade
(1) Has to be done to handle possible changes in DefaulPackages between App version.
(2) Has to be done in case only secondary packages in the App repo were updated, not necessarily DefaultPackages (also, DefaultPackages rarely have a strong version dependecy on all secondary packages)
The dist-upgrade is only for the App's repo but of course also upgrades the UCS packages.
When reproducing like this, we are talking about two different repositories, one signed, one not. ownCloud is upgraded correctly - and this is fine. All owncloud packages were signed.
The error in the end is fine, too, as the dist-upgrade failed. But all those packages were not required to get the new version of owncloud working. Unfortunately the error message is owncloud focused, which is wrong here. But as I said, this is a very improbable error.
What this bug fix should prevent is upgrading owncloud when owncloud (or any secondary package that owncloud explicitly requires) is unsigned. This should have been fixed.
OK - app installation
OK - app upgrade with unsigned packages fails
OK - app upgrade
OK - YAML