Post by Jonathan WiltshireAttached patch adds a section in the upgrade guide to ensure gpgv is
installed. Most users will have this if they have followed previous
upgrade guidance not to skip releases. However, without it they will not
be able to upgrade at all because the release signing key is not
validated correctly.
A bit more explanation in the text would be helpful. Mind you, users
who have been disregarding standard procedure to the extent of doing
leapfrog dist-upgrades seem unlikely to be paying close attention to
the procedure recommended in the bullseye-to-bookworm release notes!
I gather this is an extra precautionary step *before* the upgrade, but
is this "in case you've somehow accidentally ended up with only gpgv1
by accident" or are we expecting there to be users who have insisted
on sticking with the familiar v1 UI or something? If there aren't,
it's hard to see why gpgv1 still exists, let alone still satisfying
apt's gpgv dependency even on bookworm... surely that has to be a bug?
If it isn't, it is at least confusing enough to need some explanation.
Post by Jonathan Wiltshire+ <section id="install-gpgv">
+ <title>Check gpgv is installed</title>
+ <para>
+ APT needs <command>gpgv</command> version 2 or greater to verify the keys used
Maybe something like:
APT needs <command>gpgv</command> version 2 or greater to verify the keys used
to sign releases of &newreleasename;. Since gpgv1 technically satisfies the
dependency but is useful only in specialized circumstances, users may wish to
Post by Jonathan Wiltshire+ </para>
+ <screen>
+$ apt install gpgv
+ </screen>
+ </section>
Requires root, so make it:
# apt install gpgv
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package