Thorsten Glaser
2019-05-19 21:40:01 UTC
Package: apt
Version: 1.8.0
Severity: normal
(but ought to be release-critical, see last paragraph)
E: Repository 'http://debs.tarent.de buster InRelease' changed its 'Suite' value from 'buster' to 'testing'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
Sure, but the apt-secure(8) manpage is 8 screen pages, and while
I eventually (took me some time) found the right section, it does
not document *how* one would accept this change:
INFORMATION CHANGES
A Release file contains beside the checksums for the files in the
repository also general information about the repository like the
origin, codename or version number of the release.
This information is shown in various places so a repository owner
should always ensure correctness. Further more user configuration like
apt_preferences(5) can depend and make use of this information. Since
version 1.5 the user must therefore explicitly confirm changes to
signal that the user is sufficiently prepared e.g. for the new major
release of the distribution shipped in the repository (as e.g.
indicated by the codename).
Nothing in here shows the correct way, so people will duckduckgo for
answers and likely find things like “sudo chmod 777 somefile” on
ask*buntu, or something…
… for the record, I *believe* that adding --allow-releaseinfo-change
to apt-get update is right, but this appears only in the apt-get(8)
manpage, not in apt(8) which some people believe is the new tool, and
especially not in apt-secure(8) where the user is directed to.
As such, this is a rather severe documentation bug that I believe
ought to be fixed before buster.
-- Package-specific info:
-- (no /etc/apt/preferences present) --
-- (/etc/apt/preferences.d/dash-mksh.pref present, but not submitted) --
-- (/etc/apt/sources.list present, but not submitted) --
-- (no /etc/apt/sources.list.d/* present) --
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
Versions of packages apt depends on:
ii adduser 3.118
ii debian-archive-keyring 2018.1
ii gpgv 2.2.12-1
ii libapt-pkg5.0 1.8.0
ii libc6 2.28-8
ii libgcc1 1:8.3.0-6
ii libgnutls30 3.6.6-2
ii libseccomp2 2.3.3-4
ii libstdc++6 8.3.0-6
Versions of packages apt recommends:
ii ca-bundle [ca-certificates] 20181220tarent1
Versions of packages apt suggests:
pn apt-doc <none>
pn aptitude | synaptic | wajig <none>
ii dpkg-dev 1.19.6
ii gnupg 2.2.12-1
ii gnupg1 1.4.23-1
pn powermgmt-base
Version: 1.8.0
Severity: normal
(but ought to be release-critical, see last paragraph)
E: Repository 'http://debs.tarent.de buster InRelease' changed its 'Suite' value from 'buster' to 'testing'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
Sure, but the apt-secure(8) manpage is 8 screen pages, and while
I eventually (took me some time) found the right section, it does
not document *how* one would accept this change:
INFORMATION CHANGES
A Release file contains beside the checksums for the files in the
repository also general information about the repository like the
origin, codename or version number of the release.
This information is shown in various places so a repository owner
should always ensure correctness. Further more user configuration like
apt_preferences(5) can depend and make use of this information. Since
version 1.5 the user must therefore explicitly confirm changes to
signal that the user is sufficiently prepared e.g. for the new major
release of the distribution shipped in the repository (as e.g.
indicated by the codename).
Nothing in here shows the correct way, so people will duckduckgo for
answers and likely find things like “sudo chmod 777 somefile” on
ask*buntu, or something…
… for the record, I *believe* that adding --allow-releaseinfo-change
to apt-get update is right, but this appears only in the apt-get(8)
manpage, not in apt(8) which some people believe is the new tool, and
especially not in apt-secure(8) where the user is directed to.
As such, this is a rather severe documentation bug that I believe
ought to be fixed before buster.
-- Package-specific info:
-- (no /etc/apt/preferences present) --
-- (/etc/apt/preferences.d/dash-mksh.pref present, but not submitted) --
-- (/etc/apt/sources.list present, but not submitted) --
-- (no /etc/apt/sources.list.d/* present) --
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
Versions of packages apt depends on:
ii adduser 3.118
ii debian-archive-keyring 2018.1
ii gpgv 2.2.12-1
ii libapt-pkg5.0 1.8.0
ii libc6 2.28-8
ii libgcc1 1:8.3.0-6
ii libgnutls30 3.6.6-2
ii libseccomp2 2.3.3-4
ii libstdc++6 8.3.0-6
Versions of packages apt recommends:
ii ca-bundle [ca-certificates] 20181220tarent1
Versions of packages apt suggests:
pn apt-doc <none>
pn aptitude | synaptic | wajig <none>
ii dpkg-dev 1.19.6
ii gnupg 2.2.12-1
ii gnupg1 1.4.23-1
pn powermgmt-base