Build install kernel & Client with verifiable repos

George {Skip} F VerDuin gfv2014 at
Tue Oct 20 04:59:07 CEST 2015

Now almost all is well Thomas, you were right in your assessment.
After some very detail work, the only failure is one package: tzdata

On 10/19/2015 08:53 AM, Thomas Lange wrote:
> Mmm, it should be working as I understand apt-key. 
It IS working after I started over by removing all sources.lists and 
I created a script that I could proofread before executing to insert all 
.list and .gpg files into the /etc/fai/apt/... data structure for three 
All now create the install client nicely.

It is clear that some detail in my history actually went wrong, and I 
could not find it over the past days.

> You can put the key in a file into /etc/fai/apt/keys/*.asc then this 
> will be loaded via apt-key add when building the nfsroot. I will also 
> add code into fai-make-nfsroot, that adds the official key of the 
> fai-project repository into the nfsroot by default. 
As for the tzdata package from Debian team, it seems possible that it 
actually is flawed in some way.  I'll use it for the mean time anyway.  
Here is how FAI treated the failure...

Extracted from /var/log/fai/fai-setup.log:
Reading state information...
The following packages will be upgraded:
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 404 kB of archives.
After this operation, 39.9 kB disk space will be freed.
WARNING: The following packages cannot be authenticated!
Authentication warning overridden.
Get:1 wheezy-updates/main tzdata all 
2015g-0+deb7u1 [404 kB]
Preconfiguring packages ...

SO there seems nothing for you to worry about relative to keys.


More information about the linux-fai mailing list