Announcement

Collapse
No announcement yet.

Updating BC4 using a PPA?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Updating BC4 using a PPA?

    Hi,

    I recently installed BC4 through the downloadable .deb file.
    I found out that it seems to add a PPA link to /etc/apt/sources.list.d/

    If I try to update BC4 via aptitude, I get the warning about an untrusted source. It seems the GPG key for it is missing?

    I could update it anyway, but the warning is annoying. How can I fix it?

  • #2
    Hello,

    The key is normally part of our installation process. Which OS (version and 64bit?) did you install to, and you used the main i386.deb package, correct?
    Aaron P Scooter Software

    Comment


    • #3
      I think I had a similar problem a while ago. I do not currently have the problem.

      In my notes I have an entry for 2014-04-08 that I used "seahorse" (the shell command for launching the Passwords and Keys utility) to import the key http://www.scootersoftware.com/RPM-G...cootersoftware.

      At that time I was running BC 4.0.0.17887 or 4.0.0.17905.
      Last edited by Dave_L; 30-Sep-2014, 12:02 PM.

      Comment


      • #4
        Does Aptitude show packages that are up to date? I installed it along with the BC 4.0 launch release, but do not see bcompare in the list of packages to be updated (since it is already the latest release). How are you launching aptitude, or what actions do you take once it is launched? If you try apt-get update, do you see similar GPG errors?

        And are you using the latest build, 4.0.0 18847 (the first non-beta release)?
        Aaron P Scooter Software

        Comment


        • #5
          Hi, I updated this today

          Code:
          bcompare:i386 4.0.0-18746 -> 4.0.0-18847
          Now, when I look into aptitude, the new version doesn't contain this warning. Invoking
          Code:
          apt-key list
          shows me the Scootersoftware Key, which I imported manually with
          Code:
          apt-key add /usr/lib/beyondcompare/GPG-KEY-SCOOTERSOFTWARE
          before.

          Maybe I misunderstood something here with Aptitude?

          Comment


          • #6
            Hello,

            I suspect the 18847 update should have imported the key for you, but we'll keep an eye on this to make sure we're installing this key correctly.
            Aaron P Scooter Software

            Comment


            • #7
              Originally posted by armakuni View Post
              Code:
              apt-key add /usr/lib/beyondcompare/GPG-KEY-SCOOTERSOFTWARE
              I don't have that file on my system, but I do have "/usr/lib/beyondcompare/GPG-KEY-scootersoftware"

              Is it possible that there has been an error in packaging the latest version and the filename case is wrong?

              Comment


              • #8
                "warning about an untrusted source"

                I just got that warning yesterday when I upgraded BC4 (actual package name "bcompare:i386") from version 4.0.0-18847 to 4.0.1-19165, using synaptic.

                Code:
                $ ll -h /usr/lib/beyondcompare/GPG-KEY-scootersoftware 
                -rw-rw-r-- 1 root root 1.7K Nov 11 17:58 /usr/lib/beyondcompare/GPG-KEY-scootersoftware

                Comment


                • #9
                  No, the lower case version is the correct case type. Talking with our Linux developer, the all upper case version probably won't work on a case sensitive system like Linux.
                  Aaron P Scooter Software

                  Comment


                  • #10
                    Chrestomanci points out that the case for the key should be lowercase:
                    /usr/lib/beyondcompare/GPG-KEY-scootersoftware

                    If this does not help, I would recommend backing up your current settings with the Tools menu -> Export, run the Uninstaller, then remove any instance of the key and our url from your APT repository. With this clean slate, then try running our latest .deb installer again and see if this helps auto generate everything correctly. Please be sure there aren't any errors during the install process.
                    Aaron P Scooter Software

                    Comment


                    • #11
                      Originally posted by Aaron View Post
                      Chrestomanci points out that the case for the key should be lowercase:
                      /usr/lib/beyondcompare/GPG-KEY-scootersoftware

                      If this does not help, I would recommend backing up your current settings with the Tools menu -> Export, run the Uninstaller, then remove any instance of the key and our url from your APT repository. With this clean slate, then try running our latest .deb installer again and see if this helps auto generate everything correctly. Please be sure there aren't any errors during the install process.
                      I just did this, and the two problems I've noted are still present within synaptic: the "not authenticated" warning, and the list of installed files showing up with the wrong package.

                      One thought: In bcompare-4.0.2.19186_i386.deb, the file DEBIAN/control contains "Package: bcompare". Should the package name be "bcompare:i386" instead? Could that be confusing synaptic?

                      Comment


                      • #12
                        Thanks. We reproduced the error message and found where some of our code signing was a bit off. We've fixed it, so you should be able to grab the new version with an apt-get update.
                        Aaron P Scooter Software

                        Comment


                        • #13
                          Originally posted by Aaron View Post
                          Thanks. We reproduced the error message and found where some of our code signing was a bit off. We've fixed it, so you should be able to grab the new version with an apt-get update.
                          apt-get doesn't show a new version being available. The latest is still 4.0.2.19186.

                          When you say the "code signing was a bit off", would you mind explaining that, if it's not proprietary information?

                          Comment


                          • #14
                            sudo apt-get update (not upgrade) should grab a refreshed listing of server/repo information, without needing to actually get a new patch. The new information should be up and ready to go.

                            We included the key and hosted it correctly, but missed a step in signing the release. Now that we have that in, all parts should verify against each other correctly.
                            Aaron P Scooter Software

                            Comment


                            • #15
                              Thanks, the "not authenticated" warning does not appear now (I tested it by selecting "reinstall", without actually doing it).

                              The list of installed files showing up with the wrong package still happens, but that's only an annoyance.

                              Comment

                              Working...
                              X