| 13 Feb 2019 |
 Maximus | ok! trying now | 20:20:15 |
| Maximus | Linda: before I run it, what files are going to be changed? or command I can run before/after to see the change | 20:23:12 |
 Linda | I was about to list them | 20:23:20 |
| Linda | Let me see | 20:23:23 |
| Linda |
/etc/apt/trusted.gpg will have Matrix.org signing key removed./etc/apt/trusted.gpg.d/matrix-org_packages.asc will be removed if it exists./etc/apt/sources.list.d/matrix-org.list will be overwritten and maintained by the package. The existence of this file depends on the answer "yes" or "no" question to APT data sources every time. (If you need to choose again, run dpkg-reconfigure matrix-archive-keyring.)/usr/share/keyrings/matrix-archive-keyring.gpg is added./etc/apt/trusted.gpg.d/matrix-archive-keyring.gpg will be a new symlink to /usr/share/keyrings/matrix-archive-keyring.gpg. This is also managed by the package in rare cases. | 20:26:13 |
| Linda | #5 is only true if using dpkg-reconfigure and answering "yes" to APT system trusted key. (You probably don't want that, so choose "no".) | 20:27:11 |
| Linda | Hopefully that answers to your question. | 20:27:52 |
| Linda | I think there's also a command dpkg-preconfigure, but I've never used it before. | 20:28:10 |
| Maximus | Linda: I was thinking of a command that show me the trusted status of the matrix.org key, showing that per example it's trusted from everything, and then see how that is different after the package is installed | 20:29:08 |
| Maximus | (if it makes sense? | 20:29:19 |
| Linda | For the "trusted from everything" part, apt-key finger | grep -i matrix kind of shows if it's trusted by APT for everything. It should be empty. | 20:32:07 |
| Linda | For the other stuff, let me think... | 20:32:12 |
| Linda | gpg --no-default-keyring --keyring /usr/share/keyrings/matrix-archive-keyring.gpg --fingerprint shows the fingerprint for that keyring.
| 20:33:54 |
| Linda | grep -ir "matrix.org" /etc/apt/sources.list* to see your Matrix.org source lists.
| 20:35:08 |
| Linda | If there's [signed-by=] deb or deb-src lines only, then it's working. | 20:35:25 |
| Linda | Like, this is my /etc/apt/sources.list.d/matrix-org.list:
# This sourcelist is managed by the matrix-archive-keyring package; changes
# done here will be overridden by the next package configuration or update.
deb [signed-by=/usr/share/keyrings/matrix-archive-keyring.gpg] http://matrix.org/packages/debian/ sid main
deb-src [signed-by=/usr/share/keyrings/matrix-archive-keyring.gpg] http://matrix.org/packages/debian/ sid main
| 20:36:09 |
| Linda | I'm not sure if I understood your question more than that? | 20:36:43 |
| Maximus | I think i got the info I needed | 20:37:30 |
| Linda | If you go dpkg-reconfigure matrix-archive-keyring and it will default APT sources to "no" again (should maybe change that to be persistent to the previous choice), it will immediately remove /etc/apt/sources.list.d/matrix-org.list just to clarify. | 20:39:14 |
| Linda | if you choose "no "there | 20:39:30 |
| Linda | also happens when you uninstall | 20:39:36 |
| Maximus | looks like it's working | 20:41:27 |
| Maximus | I said yes to use APT stuff, and no to trust fully | 20:41:37 |
| Maximus | the sources have what you described | 20:41:47 |
| Linda | I need to polish some source code and it will be ready tomorrow (probably) | 20:41:57 |
| Maximus | yep. Just the distro name in the source.list wasn't right for my case, but the rest seems fine | 20:42:20 |
| Linda | First-time install doesn't ask the APT "trust fully" question for a good reason. It defaults to false. The APT "full trust" question is asked by dpkg-reconfigure only because it defaults to asking every little question (same as ---priority=low), where the typical sysadmin tools use --priority=high. | 20:43:32 |
| Linda |
yep. Just the distro name in the source.list wasn't right for my case, but the rest seems fine
What was it? | 20:43:41 |
| Linda | The DEBUG line I added. | 20:43:55 |
| Linda | It found sid fine for me. | 20:44:00 |
