Opened 3 years ago
Closed 3 years ago
#2180 closed defect (fixed)
Installation instructions fail on Ubuntu 16.04
| Reported by: | Owned by: | thresh | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | documentation | Version: | 1.19.x |
| Keywords: | Cc: | ||
| uname -a: | Linux 525b07850e66 4.19.76-linuxkit #1 SMP Thu Oct 17 19:31:58 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: | n/a | ||
Description
Installation instructions for Ubuntu were changed recently and currently cause apt update to fail on Ubuntu 16.04.
# apt update Get:1 http://nginx.org/packages/ubuntu xenial InRelease [4354 B] Hit:2 http://archive.ubuntu.com/ubuntu xenial InRelease Hit:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease Hit:5 http://security.ubuntu.com/ubuntu xenial-security InRelease Err:1 http://nginx.org/packages/ubuntu xenial InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ABF5BD827BD9BF62 Reading package lists... Done W: GPG error: http://nginx.org/packages/ubuntu xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ABF5BD827BD9BF62 E: The repository 'http://nginx.org/packages/ubuntu xenial InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.
The previous version of instructions (with apt-key add) works fine on Ubuntu 16.04 and Ubuntu 20.04.
Tested on Docker images ubuntu:xenial and ubuntu:focal.
Change History (6)
comment:1 by , 3 years ago
comment:2 by , 3 years ago
Alternatively, we might want to use /usr/share/keyrings to drop the gpg keys to, run gpg --dearmor to convert them to keyring, and mention them via signed-by= keyword in the sources.list entries. This seems to work on Ubuntu 16.04 at least.
comment:3 by , 3 years ago
| Owner: | set to |
|---|---|
| Status: | new → assigned |
comment:4 by , 3 years ago
What's wrong with adding key via apt-key add thoguh? This is the method I usually see in other APT repositories.
comment:5 by , 3 years ago
It's deprecated: https://manpages.debian.org/testing/apt/apt-key.8.en.html
So it's unwise to provide instructions that still utilize it.
comment:6 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
The current instructions (since http://hg.nginx.org/nginx.org/rev/6eff5d63925b) work fine (except for the incompatible gpg check command).
Note that we no longer build packages for Ubuntu Xenial since it's EOL.
Indeed, this seems to be wrong for Ubuntu Xenial. I guess my manual checking used the VM images that already got the key imported via apt-key.
I'm not sure if we want to fix it, since Xenial is EOL since April 30: https://lists.ubuntu.com/archives/ubuntu-announce/2021-March/000266.html and we probably should just remove the mention of that OS altogether.