Participants
Laura Smith
Laura Smith
Daniel Gustafsson
Daniel Gustafsson
Christoph Berg
Christoph Berg
Attachments
Show all attachments
Thread Outline
#1Laura SmithLaura Smith
Apr 12, 2024
#2Daniel GustafssonDaniel Gustafssonto Laura Smith (#1)
Apr 12, 2024
#3Christoph BergChristoph Bergto Daniel Gustafsson (#2)
Apr 16, 2024

Obsolete Linux downloads (Debian) instructions

Started by Laura Smithalmost 2 years ago3 messagesgeneral
Jump to latest
#1Laura Smith
Laura Smith
n5d9xq3ti233xiyif2vp@protonmail.ch

Hi

Who do I have to badger to get the obsolete and frankly dangerous Debian repo instructions fixed @ https://www.postgresql.org/download/linux/debian/ ? 

The manner proposed is really "not the done thing" in 2024 and it has been explicitly obsoleted by Debian so the project really should not be promoting it as a supported manner to do things.

TL;DR: You should not be using blindly trusting keys for all repos (which is what apt-key add does).  See : https://wiki.debian.org/DebianRepository/UseThirdParty

Something like this is the way it should be done:

# Install GPG Certcurl -fsSL "https://www.postgresql.org/media/keys/ACCC4CF8.asc" \
    | gpg --dearmor \
    | sudo sponge /etc/apt/keyrings/postgresql.gpg
# Create source list file
. /etc/os-release
echo "deb [signed-by=/etc/apt/keyrings/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt ${VERSION_CODENAME}-pgdg main" \
    | doas sponge /etc/apt/sources.list.d/postgresql.list
## Install
doas apt-get update && apt-get -y install postgresql

#2Daniel Gustafsson
Daniel Gustafsson
daniel@yesql.se
In reply to: Laura Smith (#1)
Re: Obsolete Linux downloads (Debian) instructions

On 12 Apr 2024, at 12:43, Laura Smith <n5d9xq3ti233xiyif2vp@protonmail.ch> wrote:

Who do I have to badger to get the obsolete and frankly dangerous Debian repo instructions fixed @ https://www.postgresql.org/download/linux/debian/ ?

Badgering is usually not required when it comes to fixing broken things,
assuming they are broken (since I'm not a Debian user I cannot really comment
on that part), fixing them is generally more productive. You can find the
website code in the following repository:

https://git.postgresql.org/gitweb/?p=pgweb.git;a=summary

The file to look at is templates/pages/download/linux/debian.html. If you
propose a patch for the instructions, ideally on the pgsql-www@ mailinglist,
I'm sure we can ask Christophe (in CC:) for a review.

--
Daniel Gustafsson

#3Christoph Berg
Christoph Berg
myon@debian.org
In reply to: Daniel Gustafsson (#2)
Re: Obsolete Linux downloads (Debian) instructions

Re: Daniel Gustafsson

On 12 Apr 2024, at 12:43, Laura Smith <n5d9xq3ti233xiyif2vp@protonmail.ch> wrote:

Who do I have to badger to get the obsolete and frankly dangerous Debian repo instructions fixed @ https://www.postgresql.org/download/linux/debian/ ?

I still think that "frankly dangerous" is a gross exaggeration, but
the long-due update of the Debian and Ubuntu download pages has now
happened.

Christoph

← Back to Topics