Marek
Posts: 128 Joined: Sun Apr 19, 2020 1:00 pm
#1
Post
by Marek Sun Apr 28, 2024 2:08 pm
Hello all! when I try to perform an update, it receives the information:
Code: Select all
tary:1 http://deb.debian.org/debian bookworm-updates InRelease
Stary:2 http://security.debian.org/debian-security bookworm-security InRelease
Stary:3 http://deb.debian.org/debian bookworm InRelease
Stary:4 http://mirror.it.ubc.ca/mxlinux/mx/repo bookworm InRelease
Stary:5 https://dl.google.com/linux/chrome/deb stable InRelease
Pobieranie:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease [27,4 kB]
Błąd:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease
Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
Czytanie list pakietów... Gotowe
W: Błąd GPG: http://la.mxrepo.com/antix/bookworm bookworm InRelease: Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I did not change anything before and after installing the system dump, I updated the firefox package without any errors. Then wanting to install a different kernel, there was trouble. I tried to perform signature repair, but it didn't do anything.
Eadwine Rose
Administrator
Posts: 14840 Joined: Wed Jul 12, 2006 2:10 am
#2
Post
by Eadwine Rose Sun Apr 28, 2024 2:16 pm
QSI please, thanks.
MX-23.6_x64 July 31 2023 * 6.1.0-37amd64 ext4 Xfce 4.20.0 * 8-core AMD Ryzen 7 2700
Marek
Posts: 128 Joined: Sun Apr 19, 2020 1:00 pm
#3
Post
by Marek Sun Apr 28, 2024 2:39 pm
Eadwine Rose wrote: Sun Apr 28, 2024 2:16 pm
QSI please, thanks.
Code: Select all
Snapshot created on: 20240427_0957
System:
Kernel: 6.1.0-20-amd64 [6.1.85-1] arch: x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: BOOT_IMAGE=/boot/vmlinuz-6.1.0-20-amd64 root=UUID=<filter> ro quiet splash
lsm=landlock,lockdown,yama,integrity,apparmor,bpf
Desktop: KDE Plasma v: 5.27.5 tk: Qt v: 5.15.8 wm: kwin_x11 vt: 7 dm: SDDM Distro: MX-23.2_x64
Libretto October 15 2023 base: Debian GNU/Linux 12 (bookworm)
Machine:
Type: Desktop System: Dell product: OptiPlex 7010 v: 01 serial: <superuser required> Chassis:
type: 15 serial: <superuser required>
Mobo: Dell model: 0WR7PY v: A00 serial: <superuser required> UEFI: Dell v: A29 date: 06/28/2018
CPU:
Info: model: Intel Core i5-3570 bits: 64 type: MCP arch: Ivy Bridge gen: core 3 level: v2
built: 2012-15 process: Intel 22nm family: 6 model-id: 0x3A (58) stepping: 9 microcode: 0x21
Topology: cpus: 1x cores: 4 smt: <unsupported> cache: L1: 256 KiB desc: d-4x32 KiB; i-4x32 KiB
L2: 1024 KiB desc: 4x256 KiB L3: 6 MiB desc: 1x6 MiB
Speed (MHz): avg: 1676 high: 1700 min/max: 1600/3800 scaling: driver: intel_cpufreq
governor: ondemand cores: 1: 1686 2: 1623 3: 1700 4: 1696 bogomips: 27138
Flags: avx ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Vulnerabilities:
Type: gather_data_sampling status: Not affected
Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled
Type: mds mitigation: Clear CPU buffers; SMT disabled
Type: meltdown mitigation: PTI
Type: mmio_stale_data status: Unknown: No mitigations
Type: reg_file_data_sampling status: Not affected
Type: retbleed status: Not affected
Type: spec_rstack_overflow status: Not affected
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: Retpolines; IBPB: conditional; IBRS_FW; STIBP: disabled; RSB
filling; PBRSB-eIBRS: Not affected; BHI: Not affected
Type: srbds status: Vulnerable: No microcode
Type: tsx_async_abort status: Not affected
Graphics:
Device-1: Intel Xeon E3-1200 v2/3rd Gen Core processor Graphics vendor: Dell driver: i915
v: kernel arch: Gen-7 process: Intel 22nm built: 2012-13 ports: active: VGA-1 empty: DP-1, DP-2,
HDMI-A-1, HDMI-A-2 bus-ID: 00:02.0 chip-ID: 8086:0152 class-ID: 0300
Display: x11 server: X.Org v: 1.21.1.7 compositor: kwin_x11 driver: X: loaded: modesetting
unloaded: fbdev,vesa dri: crocus gpu: i915 display-ID: :0 screens: 1
Screen-1: 0 s-res: 1280x1024 s-dpi: 96 s-size: 338x270mm (13.31x10.63") s-diag: 433mm (17.03")
Monitor-1: VGA-1 model: LG (GoldStar) L1953TR serial: <filter> built: 2007 res: 1280x1024
hz: 60 dpi: 96 gamma: 1.2 size: 338x270mm (13.31x10.63") diag: 433mm (17") ratio: 5:4 modes:
max: 1280x1024 min: 720x400
API: OpenGL v: 4.2 Mesa 22.3.6 renderer: Mesa Intel HD Graphics 2500 (IVB GT1)
direct-render: Yes
Audio:
Device-1: Intel 7 Series/C216 Family High Definition Audio vendor: Dell 7 driver: snd_hda_intel
v: kernel bus-ID: 00:1b.0 chip-ID: 8086:1e20 class-ID: 0403
API: ALSA v: k6.1.0-20-amd64 status: kernel-api tools: alsamixer,amixer
Server-1: PipeWire v: 1.0.0 status: active with: 1: pipewire-pulse status: active
2: wireplumber status: active 3: pipewire-alsa type: plugin 4: pw-jack type: plugin
tools: pactl,pw-cat,pw-cli,wpctl
Network:
Device-1: Intel 82579LM Gigabit Network vendor: Dell driver: e1000e v: kernel port: f080
bus-ID: 00:19.0 chip-ID: 8086:1502 class-ID: 0200
IF: eth0 state: down mac: <filter>
Device-2: MEDIATEK MT7921 802.11ax PCI Express Wireless Network Adapter vendor: AzureWave
driver: mt7921e v: kernel modules: wl pcie: gen: 2 speed: 5 GT/s lanes: 1 bus-ID: 02:00.0
chip-ID: 14c3:7961 class-ID: 0280
IF: wlan0 state: up mac: <filter>
Drives:
Local Storage: total: 715.41 GiB used: 26.12 GiB (3.7%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: A-Data model: SU650 size: 476.94 GiB block-size:
physical: 512 B logical: 512 B speed: 6.0 Gb/s type: SSD serial: <filter> rev: 6306 scheme: GPT
ID-2: /dev/sdb maj-min: 8:16 vendor: SanDisk model: SSDPR-CX400-256 size: 238.47 GiB
block-size: physical: 512 B logical: 512 B speed: 3.0 Gb/s type: SSD serial: <filter> rev: 61.3
scheme: GPT
Partition:
ID-1: / raw-size: 48.83 GiB size: 47.76 GiB (97.81%) used: 26.12 GiB (54.7%) fs: ext4
dev: /dev/sdb2 maj-min: 8:18
ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 288 KiB (0.1%) fs: vfat
dev: /dev/sdb1 maj-min: 8:17
Swap:
Kernel: swappiness: 15 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 3.6 GiB used: 0 KiB (0.0%) priority: -2 dev: /dev/sdb4
maj-min: 8:20
Sensors:
System Temperatures: cpu: 30.0 C mobo: N/A
Fan Speeds (RPM): N/A
Repos:
Packages: pm: dpkg pkgs: 2758 libs: 1469 tools: apt,apt-get,aptitude,nala,synaptic pm: rpm
pkgs: 0 pm: flatpak pkgs: 0
No active apt repos in: /etc/apt/sources.list
Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
1: deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
Active apt repos in: /etc/apt/sources.list.d/debian.list
1: deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
2: deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
Active apt repos in: /etc/apt/sources.list.d/google-chrome.list
1: deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main
Active apt repos in: /etc/apt/sources.list.d/mx.list
1: deb http://mirror.it.ubc.ca/mxlinux/mx/repo/ bookworm main non-free
Active apt repos in: /etc/apt/sources.list.d/mxpitemp.list
1: deb http://la.mxrepo.com/antix/bookworm bookworm main
Info:
Processes: 206 Uptime: 37m wakeups: 1 Memory: 15.51 GiB used: 2.14 GiB (13.8%) Init: SysVinit
v: 3.06 runlevel: 5 default: graphical tool: systemctl Compilers: gcc: 12.2.0 alt: 12
Client: shell wrapper v: 5.2.15-release inxi: 3.3.26
Boot Mode: UEFI
timkb4cq
Developer
Posts: 3603 Joined: Wed Jul 12, 2006 4:05 pm
#4
Post
by timkb4cq Sun Apr 28, 2024 2:57 pm
@anticapitalista Your antiX bookworm repo key has expired.
HP Pavillion TP01, AMD Ryzen 3 5300G (quad core), Crucial 500GB SSD, Toshiba 6TB 7200rpm
fehlix
Developer
Posts: 12740 Joined: Wed Apr 11, 2018 5:09 pm
#5
Post
by fehlix Sun Apr 28, 2024 3:24 pm
Already updated:
Code: Select all
http://la.mxrepo.com/antix/bookworm/pool/main/a/antix-archive-keyring/antix-archive-keyring_20019.5.0_all.deb
Shows as:
Code: Select all
gpg --show-keys antix-archive-keyring.gpg
pub rsa2048 2013-03-13 [SC] [expires: 2027-04-06]
ED5748AC0E575DD249A56B84DB36CDF3452F0C20
uid antiX Linux repo <repo@antixlinux.com>
sub rsa2048 2013-03-13 [E] [expires: 2027-04-06]
timkb4cq
Developer
Posts: 3603 Joined: Wed Jul 12, 2006 4:05 pm
#6
Post
by timkb4cq Sun Apr 28, 2024 3:28 pm
I pulled it up on the ubuntu keyserver and thought when I looked that it had expired 4/25/2024MX Fix GPG Keys tool.
HP Pavillion TP01, AMD Ryzen 3 5300G (quad core), Crucial 500GB SSD, Toshiba 6TB 7200rpm
fehlix
Developer
Posts: 12740 Joined: Wed Apr 11, 2018 5:09 pm
#7
Post
by fehlix Sun Apr 28, 2024 3:34 pm
timkb4cq wrote: Sun Apr 28, 2024 3:28 pm
I pulled it up on the ubuntu keyserver and thought when I looked that it had expired 4/25/2024
But it shows correctly now. The original poster should run the
MX Fix GPG Keys tool.
Seems someone was faster :)
@Marek you may try to get the keys from keyserver
by running check "MX Fix Gpg keys", or on command line
Marek
Posts: 128 Joined: Sun Apr 19, 2020 1:00 pm
#8
Post
by Marek Sun Apr 28, 2024 4:00 pm
Unfortunately it doesn't work
Code: Select all
checkaptgpg
To polecenie wymaga uprawnień 'root' do wykonania.
[sudo] hasło użytkownika marekania:
Sprawdzanie deb.debian.org_debian_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie deb.debian.org_debian_dists_bookworm-updates_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie dl.google.com_linux_chrome_deb_dists_stable_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie ftp.task.gda.pl_site_mx-packages_mx_repo_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie mirror.it.ubc.ca_mxlinux_mx_repo_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie security.debian.org_debian-security_dists_bookworm-security_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie la.mxrepo.com_antix_bookworm_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
marekania@mxOsy:~
$ sudo apt update
Stary:1 http://ftp.task.gda.pl/site/mx-packages/mx/repo bookworm InRelease
Stary:2 https://dl.google.com/linux/chrome/deb stable InRelease
Stary:3 http://security.debian.org/debian-security bookworm-security InRelease
Stary:4 http://deb.debian.org/debian bookworm-updates InRelease
Stary:5 http://deb.debian.org/debian bookworm InRelease
Pobieranie:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease [27,4 kB]
Błąd:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease
Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
Czytanie list pakietów... Gotowe
W: Błąd GPG: http://la.mxrepo.com/antix/bookworm bookworm InRelease: Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
fehlix
Developer
Posts: 12740 Joined: Wed Apr 11, 2018 5:09 pm
#9
Post
by fehlix Sun Apr 28, 2024 4:33 pm
Marek wrote: Sun Apr 28, 2024 4:00 pm
Unfortunately it doesn't work
Code: Select all
checkaptgpg
To polecenie wymaga uprawnień 'root' do wykonania.
[sudo] hasło użytkownika marekania:
Sprawdzanie deb.debian.org_debian_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie deb.debian.org_debian_dists_bookworm-updates_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie dl.google.com_linux_chrome_deb_dists_stable_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie ftp.task.gda.pl_site_mx-packages_mx_repo_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie mirror.it.ubc.ca_mxlinux_mx_repo_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie security.debian.org_debian-security_dists_bookworm-security_InRelease
Znaleziono dobrą sygnaturę GPG.
Sprawdzanie la.mxrepo.com_antix_bookworm_dists_bookworm_InRelease
Znaleziono dobrą sygnaturę GPG.
marekania@mxOsy:~
$ sudo apt update
Stary:1 http://ftp.task.gda.pl/site/mx-packages/mx/repo bookworm InRelease
Stary:2 https://dl.google.com/linux/chrome/deb stable InRelease
Stary:3 http://security.debian.org/debian-security bookworm-security InRelease
Stary:4 http://deb.debian.org/debian bookworm-updates InRelease
Stary:5 http://deb.debian.org/debian bookworm InRelease
Pobieranie:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease [27,4 kB]
Błąd:6 http://la.mxrepo.com/antix/bookworm bookworm InRelease
Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
Czytanie list pakietów... Gotowe
W: Błąd GPG: http://la.mxrepo.com/antix/bookworm bookworm InRelease: Następujące podpisy były błędne: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Thanks. Seems a bug in checkaptgpg during the expiration handling of keys.
You may try this:
Do remove the expired key manually:
Code: Select all
sudo rm /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg
and run again
