touch-packages team mailing list archive

Thread
Date
[Bug 1263540] Re: Apt-get reports NO_PUBKEY gpg error for keys that are present in trusted.gpg.

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Baobab <emil.bb@xxxxxxxxx>
Date: Tue, 19 Aug 2014 22:16:08 -0000
Reply-to: Bug 1263540 <1263540@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
I encountered the same problem. I solved this by

1) moving all the ppas from the folder /etc/apt/sources.list.d to the
file /etc/apt/sources.list. I did this with the command:

pr -F *files > newfilepr -F *files > newfile

which combines all the sources.list files into one file. Some adaptation
is needed.

2) removing *all* the files in /etc/apt/trustedgpg.d

then, I could add new keys to the keychain by issuing the “sudo apt-key
adv –keyserver keyserver.ubuntu.com –recv-keys **KEY_HERE**” command
(look it up if you don't know it). Before that, it didn’t import the
key. Hope this is helpfull to someone, it was a completely random move
on my part, had no idea if it would work or not. It did :D

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1263540

Title:
  Apt-get reports NO_PUBKEY gpg error for keys that are present in
  trusted.gpg.

Status in APT:
  New
Status in “apt” package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu 13.10
  apt  0.9.9.1~ubuntu3

  'apt-get update' has started showing several warnings like the
  following, even though the keys are present:

  W: GPG error: http://us.archive.ubuntu.com saucy Release: The
  following signatures couldn't be verified because the public key is
  not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

  'apt-key list' shows the keys in question in its output...

  pub   1024D/437D05B5 2004-09-12
  uid                  Ubuntu Archive Automatic Signing Key <ftpmaster@xxxxxxxxxx>
  sub   2048g/79164387 2004-09-12

  pub   4096R/C0B21F32 2012-05-11
  uid                  Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@xxxxxxxxxx>

  ...and its output begins with the following:

  gpg: keyblock resource `/etc/apt/trusted.gpg.d//webupd8team-y-ppa-
  manager.gpg': resource limit

  I see the same gpg message when I manually update/remove/add the keys
  in question. E.g.:

  $ sudo apt-key update
  gpg: keyblock resource `/etc/apt/trusted.gpg.d//webupd8team-java.gpg': resource limit
  gpg: keyblock resource `/etc/apt/trusted.gpg.d//webupd8team-y-ppa-manager.gpg': resource limit
  gpg: key 437D05B5: "Ubuntu Archive Automatic Signing Key <ftpmaster@xxxxxxxxxx>" not changed
  gpg: key FBB75451: "Ubuntu CD Image Automatic Signing Key <cdimage@xxxxxxxxxx>" not changed
  gpg: key C0B21F32: "Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@xxxxxxxxxx>" not changed
  gpg: key EFE21092: "Ubuntu CD Image Automatic Signing Key (2012) <cdimage@xxxxxxxxxx>" not changed
  gpg: Total number processed: 4
  gpg:              unchanged: 4

  I asked about the "resource limit" message on the gnupg-users mailing list...
  http://www.mail-archive.com/gnupg-users@xxxxxxxxx/msg23300.html
  Based on Werner Koch's (the dev) answer...
  http://www.mail-archive.com/gnupg-users@xxxxxxxxx/msg23302.html
  ...the secure apt related programs might be making gpg use more than the maximum number of keyrings that it can handle.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apt/+bug/1263540/+subscriptions