By default, Bugzilla does not search the list of RESOLVED bugs.
You can force it to do so by putting the upper-case word ALL in front of your search query, e.g.: ALL tdelibs
We recommend searching for bugs this way, as you may discover that your bug has already been resolved and fixed in a later release.

Bug 649

Summary: trinity-keyring wrongly overwrites customised files in /etc
Product: TDE Reporter: Nick Leverton <nick>
Component: other (any)Assignee: Timothy Pearson <kb9vqf>
Status: VERIFIED FIXED    
Severity: normal CC: bugwatch, dzfixes-box1, kb9vqf, mgb-trinity, michele.calgaro
Priority: P5    
Version: 3.5.13.x [Trinity]   
Hardware: Other   
OS: Linux   
Compiler Version: TDE Version String:
Application Version: Application Name:

Description Nick Leverton 2011-11-19 16:44:09 CST 
trinity-keyring overwrites any manual modifications made to /etc/apt/sources.list.d/trinity.list.

It shouldn't, as debs normally treat everythin in /etc as a conffile and confirm with the admin before overwriting any changes.

echo 8 > debian/compat in the source package will fix this (actually, any value over 3 will fix this, but levels under 5 are deprecated).  man debhelper refers.
Comment 1 David Hare 2011-11-29 19:34:58 CST 
Suggested fix:

Remove the /etc/apt/sources.list.d/trinity.list entry altogether, a keyring package should do just that, install a keyring.

A user would normally have already their sources list set up, before apt-get/aptititude install any TDE package (and may be confused what has overwritten a custom entry and/or then have duplicate or even conflicting sources for the same packages) There is no good reason for it.
Comment 2 mgb-trinity 2014-11-03 18:20:10 CST 
I did not expect a keyring to install an apt source which duplicated a pre-existing pre-requisite apt source, and which confused me no end during an attempted upgrade.

I have to agree with David Hare's suggested fix - please remove the apt source from trinity keyring.

As it is I don't want to lose the keyring by uninstalling the package but deleting or editing the apt source file makes the installation inconsistent.

I guess for now I'll just have to delete the unwanted file and leave the installed package inconsistent.
Comment 3 Timothy Pearson 2014-11-03 18:33:02 CST 
I was following an existing Ubuntu pattern when I generated that package.  I guess I could split the sources.list entries into a second package (trinity-apt-ppa); would that work?

The idea was to eventually alter the installation instructions to download a single "bootstrap" deb file which would then install the sources.list entries, etc. saving the users a couple of manual entry steps.
Comment 4 mgb-trinity 2014-11-03 19:28:04 CST 
Splitting the package would make the problem avoidable but I'm not sure of the utility of the new trinity-apt-ppa.

It seems you'd have to manually download the package and install it and I don't see how you'd have keyring protection when doing it.

Personally I find it easier to edit /etc/apt/sources.list but if others prefer the trinity-apt-ppa approach I could certainly live with the split you propose providing that trinity-apt-ppa was not a dependency of any other (non-bootstrap) package.

Thanks!
Comment 5 Timothy Pearson 2014-11-03 20:20:55 CST 
You wouldn't have keyring protection, but you could at least have https protection from the TDE server.  Right now there is no protection whatsoever on the key download during bootstrap, which is hardly ideal.

I brought up the trinity-apt-ppa package idea as I wasn't sure about it either, but now that I think about it with some changes to the installation process we could have higher security and easier installation.
Comment 6 Timothy Pearson 2014-11-04 11:50:23 CST 
Packages split off in GIT hash 61508ec (tde-packaging).  The archive package name is trinity-apt-archive.

My suggestion for the new installation process looks something like this:

cd /tmp/

wget https://ppa.quickbuild.pearsoncomputing.net/trinity/trinity-nightly-builds/ubuntu/pool/main/t/trinity-keyring/trinity-keyring_14.0.0-r1-0debian6.0.0+pr7_all.deb

wget https://ppa.quickbuild.pearsoncomputing.net/trinity/trinity-nightly-builds/ubuntu/pool/main/t/trinity-apt-archive/trinity-apt-archive_14.0.0-r1-0debian6.0.0+pr1_all.deb

sudo dpkg -i trinity-keyring_14.0.0-r1-0debian6.0.0+pr7_all.deb trinity-apt-archive_14.0.0-r1-0debian6.0.0+pr1_all.deb

sudo apt-get install kubuntu-default-settings-trinity kubuntu-desktop-trinity

Comments?
Comment 7 Timothy Pearson 2014-11-04 12:05:46 CST 
Marking SRUONLY as this is fixed for R14.
Comment 8 mgb-trinity 2014-11-04 12:41:59 CST 
(In reply to Timothy Pearson from comment #6)
> Comments?

Looks good thanks.  I'll test it as soon as I see the Jessie update in nightly builds.
Comment 9 mgb-trinity 2014-11-04 17:58:44 CST 
I started trying to upgrade from v3.5.13 to nighty build (NB) a few days ago (when Jessie i386 NB was incomplete due to rebuilding) so until now my trinity-keyring's /etc/apt/sources.list.d/trinity.list pointed to v3.5.13.

An updated trinity-keyring just came through from NB which changed /etc/apt/sources.list.d/trinity.list to point to NB but did not delete it.

So now I've got "Duplicate sources.list entry" errors when I "apt-get update" because I already had NB in my /etc/apt/sources.list - which is how trinity-keyring came to be updated.

For now I'll just delete the /etc/apt/sources.list.d/trinity.list until a version of trinity-keyring arrives without it.
Comment 10 Michele Calgaro 2018-07-28 03:15:25 CDT 
As per comment 7, this is fixed in R14.
Comment 11 mgb-trinity 2018-07-29 21:52:10 CDT 
Verified fixed in or before 4:14.0.4-0debian9.0.0+0~a.