Announcement

Collapse
No announcement yet.

Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

    Phoronix: Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

    One of the great longtime features of Ubuntu Linux has been Launchpad's Personal Package Archives (PPAs) for easily augmenting the official Ubuntu repositories with additional packages either to supply updated versions of select software or for software not yet found in the official Ubuntu archives. With Ubuntu 23.10 a change is being made in how PPAs are managed to enhance the security and reliability...

    Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability - Phoronix
    https://www.phoronix.com/news/Ubuntu-23.10-PPA-Management
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    How does one embed keys into .sources files like they're doing? The sources.list(5) manual page implies an external key file is a requirement, and I've found this somewhat inconveniently complex to set up. A single file would be much better.

    Comment

    • #3
      Originally posted by J.King View Post
      How does one embed keys into .sources files like they're doing? The sources.list(5) manual page implies an external key file is a requirement, and I've found this somewhat inconveniently complex to set up. A single file would be much better.
      Code:
                     Types: deb
               URIs: https://deb.debian.org
               Suites: stable
               Components: main contrib non-free
               Signed-By:
                -----BEGIN PGP PUBLIC KEY BLOCK-----
                .
                mDMEYCQjIxYJKwYBBAHaRw8BAQdAD/P5Nvvnvk66SxBBHDbhRml9ORg1WV5CvzKY
                CuMfoIS0BmFiY2RlZoiQBBMWCgA4FiEErCIG1VhKWMWo2yfAREZd5NfO31cFAmAk
                IyMCGyMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQREZd5NfO31fbOwD6ArzS
                dM0Dkd5h2Ujy1b6KcAaVW9FOa5UNfJ9FFBtjLQEBAJ7UyWD3dZzhvlaAwunsk7DG
                3bHcln8DMpIJVXht78sL
                =IE0r
                -----END PGP PUBLIC KEY BLOCK-----​
      That is taken from my sources.list man page, as the announcement says "However, starting with version 23.10, we have introduced a new approach. PPAs are now added as deb822-formatted .sources files, where the keys are directly embedded into the file’s Signed-By field.​"

      // Stefan
      • Likes 4

      Comment

      • #4
        not the only aspect of this system that they need to be improving. but it's a start i suppose... although still it feels like they are doing just a bare minimum

        Comment

        • #5
          Originally posted by J.King View Post
          How does one embed keys into .sources files like they're doing? The sources.list(5) manual page implies an external key file is a requirement, and I've found this somewhat inconveniently complex to set up. A single file would be much better.
          That only became possible as of apt 2.3.10 https://github.com/Debian/apt/blob/m...changelog#L411

          Debian Bullseye missed the boat on that one, but embedded keys should be possible with the upcoming Debian Bookworm. Ubuntu support is better, going back as far as Jammy I believe.

          Comment

          • #6
            Originally posted by jstoik View Post

            That only became possible as of apt 2.3.10 https://github.com/Debian/apt/blob/m...changelog#L411

            Debian Bullseye missed the boat on that one, but embedded keys should be possible with the upcoming Debian Bookworm. Ubuntu support is better, going back as far as Jammy I believe.
            That explains it. Thanks!

            Comment

            Previous template Next
            Working...
            X