summaryrefslogtreecommitdiff
path: root/apt-private
diff options
context:
space:
mode:
Diffstat (limited to 'apt-private')
-rw-r--r--apt-private/private-update.cc10
1 files changed, 9 insertions, 1 deletions
diff --git a/apt-private/private-update.cc b/apt-private/private-update.cc
index 694480a96..d5faf5d2f 100644
--- a/apt-private/private-update.cc
+++ b/apt-private/private-update.cc
@@ -106,15 +106,23 @@ bool DoUpdate()
if (_config->FindB("APT::Get::Update::SourceListWarnings::SignedBy", SLWarnings))
{
+ bool allDeb822 = true;
for (auto *S : *List)
{
- if (not S->HasFlag(metaIndex::Flag::DEB822) || not S->GetSignedBy().empty())
+ if (not S->GetSignedBy().empty())
continue;
URI uri(S->GetURI());
// TRANSLATOR: the first is manpage reference, the last the URI from a sources.list
_error->Notice(_("Missing Signed-By in the %s entry for '%s'"),
"sources.list(5)", URI::ArchiveOnly(uri).c_str());
+ allDeb822 &= S->HasFlag(metaIndex::Flag::DEB822);
+ }
+ if (not allDeb822)
+ {
+ _error->Notice(_("Consider migrating all sources.list(5) entries to the deb822 .sources format"));
+ _error->Notice(_("The deb822 .sources format supports both embedded as well as external OpenPGP keys"));
+ _error->Notice(_("See apt-secure(7) for best practices in configuring repository signing."));
}
}