[Bug 1053896] Re: Add new archive key to precise

Michael Vogt michael.vogt at ubuntu.com
Fri Sep 28 09:26:03 UTC 2012

People without the package from precise-proposed can no longer upgrade
to quantal, the error is:

root at bod:/# do-release-upgrade -d
Checking for a new Ubuntu release
Get:1 Upgrade tool signature [933 B]                                           
Get:2 Upgrade tool [1165 kB]                                                   
Fetched 1166 kB in 0s (0 B/s)                                                  
authenticate 'quantal.tar.gz' against 'quantal.tar.gz.gpg' 
exception from gpg: GnuPG exited non-zero, with code 2
Debug information: 

gpg: Signature made Fri Sep 28 01:55:55 2012 UTC using DSA key ID 437D05B5
gpg: /tmp/update-manager-xWzlHA/trustdb.gpg: trustdb created
gpg: Good signature from "Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6302 39CC 130E 1A7F D81A  27B1 4097 6EAF 437D 05B5
gpg: Signature made Fri Sep 28 01:55:55 2012 UTC using RSA key ID C0B21F32
gpg: Can't check signature: public key not found

Authentication failed
Authenticating the upgrade failed. There may be a problem with the network or with the server. 

Once the version of the keyring from precise-proposed is installed, it
works fine.

You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-keyring in Ubuntu.

  Add new archive key to precise

Status in “ubuntu-keyring” package in Ubuntu:
  Fix Released
Status in “ubuntu-keyring” source package in Precise:
  Fix Released

Bug description:
  [Impact] Some tools display warnings when they don't have both keys used to dual-sign the quantal index files.  A few tools (e.g. cobbler-ubuntu-import) even make this an error.
  [Test Case] Install new ubuntu-keyring on precise, flip /etc/apt/sources.list to quantal, and apt-get update.  There should be no warnings.
  [Regression Potential] If apt-get update works, I can't think of any.

  We have a new archive key, used to dual-sign the quantal index files:


  To avoid warnings when upgrading from precise, we should add it to
  ubuntu-keyring in precise-updates.

To manage notifications about this bug go to:

More information about the foundations-bugs mailing list