On 8/15/2021 3:46 AM, raf wrote:
Hi,
Firstly, many thanks for debian-11. I've been looking
forward to the newer bind9 and its dnssec-policy
finally making it trivial to implement DNSSEC on a
stable system. Yay!
My problem: A day or two ago, I tried to upgrade to
debian-11 on a little VM on my laptop and I've run into
a problem.
I know it wasn't official yet, but I thought I could
get away with it. And I wanted to have done it once
before upgrading a more important VM. But I would like
to get this VM unbroken as well.
I wasn't as careful as usual with it (I didn't do the
backups mentioned in Release Notes section 4.1.1) but
I'm not sure if that would have helped.
I added the new the bullseye details to
/etc/apt/sources.list but I didn't comment out the
existing buster details at the same time. I think that
might have been my mistake. Then, I did apt update and
got GPG invalid signature errors.
And I still get them when I only have the buster
details in sources.list and when I only have the
bullseye details there. But before, everything
was fine.
With buster only:
deb http://ftp.au.debian.org/debian/ buster main
deb-src http://ftp.au.debian.org/debian/ buster main
deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main
deb http://ftp.au.debian.org/debian/ buster-updates main
deb-src http://ftp.au.debian.org/debian/ buster-updates main
apt update looks like this:
Err:1 http://security.debian.org/debian-security buster/updates InRelease
At least one invalid signature was encountered.
Get:2 http://ftp.au.debian.org/debian buster InRelease [122 kB]
Get:3 http://ftp.au.debian.org/debian buster-updates InRelease [51.9 kB]
Err:2 http://ftp.au.debian.org/debian buster InRelease
At least one invalid signature was encountered.
Err:3 http://ftp.au.debian.org/debian buster-updates InRelease
At least one invalid signature was encountered.
Fetched 174 kB in 0s (452 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
2 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://security.debian.org/debian-security buster/updates InRelease: At least
one invalid signature was encountered.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://ftp.au.debian.org/debian buster InRelease: At least one invalid
signature was encountered.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://ftp.au.debian.org/debian buster-updates InRelease: At least one invalid
signature was encountered.
W: Failed to fetch http://ftp.au.debian.org/debian/dists/buster/InRelease
At least one invalid signature was encountered.
W: Failed to fetch
http://security.debian.org/debian-security/dists/buster/updates/InRelease At
least one invalid signature was encountered.
W: Failed to fetch
http://ftp.au.debian.org/debian/dists/buster-updates/InRelease At least one
invalid signature was encountered.
W: Some index files failed to download. They have been ignored, or old ones
used instead.
With bullseye only:
deb http://ftp.au.debian.org/debian/ bullseye main contrib non-free
deb-src http://ftp.au.debian.org/debian/ bullseye main contrib non-free
deb http://security.debian.org/debian-security bullseye-security main
contrib non-free
deb-src http://security.debian.org/debian-security bullseye-security main
contrib non-free
deb http://ftp.au.debian.org/debian/ bullseye-updates main contrib non-free
deb-src http://ftp.au.debian.org/debian/ bullseye-updates main contrib
non-free
apt update looks like:
Get:1 http://security.debian.org/debian-security bullseye-security InRelease
[44.1 kB]
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
At least one invalid signature was encountered.
Get:2 http://ftp.au.debian.org/debian bullseye InRelease [113 kB]
Get:3 http://ftp.au.debian.org/debian bullseye-updates InRelease [40.1 kB]
Err:2 http://ftp.au.debian.org/debian bullseye InRelease
At least one invalid signature was encountered.
Err:3 http://ftp.au.debian.org/debian bullseye-updates InRelease
At least one invalid signature was encountered.
Fetched 153 kB in 0s (448 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
1416 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://security.debian.org/debian-security bullseye-security InRelease: At
least one invalid signature was encountered.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://ftp.au.debian.org/debian bullseye InRelease: At least one invalid
signature was encountered.
W: An error occurred during the signature verification. The repository is
not updated and the previous index files will be used. GPG error:
http://ftp.au.debian.org/debian bullseye-updates InRelease: At least one
invalid signature was encountered.
W: Failed to fetch http://ftp.au.debian.org/debian/dists/bullseye/InRelease
At least one invalid signature was encountered.
W: Failed to fetch
http://security.debian.org/debian-security/dists/bullseye-security/InRelease
At least one invalid signature was encountered.
W: Failed to fetch
http://ftp.au.debian.org/debian/dists/bullseye-updates/InRelease At least one
invalid signature was encountered.
W: Some index files failed to download. They have been ignored, or old ones
used instead.
The below assumes that 'sources.list' is set only for bullseye
Some hints more than an answer:
- Try to remove the gpg keys in '/etc/apt' directory.
- Try to remove the Debian apt-keyring pkg ('$ apt-get --autoremove
purge <PKG-NAME]')
$ apt-get update && apt-get full-upgrade
P.S.
I would first try the first step and see how it goes
--
John Doe
