存储库 'http://dl.google.com/linux/chrome/deb stable Release' 未签名
The repository 'http://dl.google.com/linux/chrome/deb stable Release' is not signed
我在我的 CircleCi 设置中有以下步骤来安装 Google Chrome:
- run:
name: Install Chrome headless
working_directory: /
command: |
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google.list && \
apt-get update && \
apt-get install -y dbus-x11 google-chrome-unstable && \
rm -rf /var/lib/apt/lists/*
它停止工作并且return出现以下错误消息:
W: GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: The repository 'http://dl.google.com/linux/chrome/deb stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libappindicator3-1 libdbusmenu-gtk3-4 libindicator3-7
Recommended packages:
libu2f-udev
The following NEW packages will be installed:
dbus-x11 google-chrome-unstable libappindicator3-1 libdbusmenu-gtk3-4
libindicator3-7
0 upgraded, 5 newly installed, 0 to remove and 48 not upgraded.
Need to get 60.4 MB of archives.
After this operation, 214 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
google-chrome-unstable
E: There were unauthenticated packages and -y was used without --allow-unauthenticated
Exited with code 100
我该如何解决?
简短说明:Google 端的 GPG 密钥已过期,因此您(我们)必须等待。
你不知道。您必须等待 Google 更新他们的密钥并进行更新。
重要信息是:
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority)
表示加密签名无效。其根源可能是攻击、配置错误或其他类型的技术问题。强制您的系统更新会导致 运行 您的网络浏览器版本未经验证,这会使您面临很多安全问题。
计划 1
This is the protection you are getting from these checks. You don't
want to update your software right now while something is messed up on
Google's end. Wait until they fix it. Don't try to override by
reinstalling keys until some official word comes out that a new key is
the solution.
方案二
Waiting until they fix it may not be an option for all. E.g. this is
breaking CI pipelines for us. If you now what you are doing, you might
take the risk and disable checks for this repo for now by adding
[trusted=yes] to it's configuration: deb [trusted=yes]
http://dl.google.com/linux/chrome/deb/ stable main –
我只是注释掉了 etc/apt/sources.list.d/google-chrome.list 中的条目,所以我再也看不到错误了。
我在我的 CircleCi 设置中有以下步骤来安装 Google Chrome:
- run:
name: Install Chrome headless
working_directory: /
command: |
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google.list && \
apt-get update && \
apt-get install -y dbus-x11 google-chrome-unstable && \
rm -rf /var/lib/apt/lists/*
它停止工作并且return出现以下错误消息:
W: GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: The repository 'http://dl.google.com/linux/chrome/deb stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libappindicator3-1 libdbusmenu-gtk3-4 libindicator3-7
Recommended packages:
libu2f-udev
The following NEW packages will be installed:
dbus-x11 google-chrome-unstable libappindicator3-1 libdbusmenu-gtk3-4
libindicator3-7
0 upgraded, 5 newly installed, 0 to remove and 48 not upgraded.
Need to get 60.4 MB of archives.
After this operation, 214 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
google-chrome-unstable
E: There were unauthenticated packages and -y was used without --allow-unauthenticated
Exited with code 100
我该如何解决?
简短说明:Google 端的 GPG 密钥已过期,因此您(我们)必须等待。
你不知道。您必须等待 Google 更新他们的密钥并进行更新。
重要信息是:
The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority)
表示加密签名无效。其根源可能是攻击、配置错误或其他类型的技术问题。强制您的系统更新会导致 运行 您的网络浏览器版本未经验证,这会使您面临很多安全问题。
计划 1
This is the protection you are getting from these checks. You don't want to update your software right now while something is messed up on Google's end. Wait until they fix it. Don't try to override by reinstalling keys until some official word comes out that a new key is the solution.
方案二
Waiting until they fix it may not be an option for all. E.g. this is breaking CI pipelines for us. If you now what you are doing, you might take the risk and disable checks for this repo for now by adding [trusted=yes] to it's configuration: deb [trusted=yes] http://dl.google.com/linux/chrome/deb/ stable main –
我只是注释掉了 etc/apt/sources.list.d/google-chrome.list 中的条目,所以我再也看不到错误了。