diff --git a/.github/workflows/check_repos.yml b/.github/workflows/check_repos.yml index c686f9b..4e4b684 100644 --- a/.github/workflows/check_repos.yml +++ b/.github/workflows/check_repos.yml @@ -34,8 +34,8 @@ jobs: - distro: debian version: "11" # bullseye steps: - - name: Add packages.freedom.press PGP key (gpg) - if: matrix.version != 'trixie' + - name: Add packages.freedom.press PGP key (gpg --keyring) + if: matrix.version != 'trixie' && matrix.version != "25.04" run: | apt-get update && apt-get install -y gnupg2 ca-certificates dirmngr # NOTE: This is a command that's necessary only in containers @@ -58,6 +58,20 @@ jobs: --server hkps://keys.openpgp.org \ search "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281" \ --output /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg + - name: Add packages.freedom.press PGP key (gpg --export) + if: matrix.version == '25.04' + run: | + apt-get update && apt-get install -y gnupg2 ca-certificates + dirmngr + # Newer versions of apt-secure need an unarmored PGP key as mentionned by + # https://manpages.ubuntu.com/manpages/plucky/man8/apt-secure.8.html + gpg --keyserver hkps://keys.openpgp.org \ + --no-default-keyring + --recv-keys "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281" + mkdir -p /etc/apt/keyrings/ + gpg --export-options export-minimal --export \ + > /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg + - name: Add packages.freedom.press to our APT sources run: | . /etc/os-release diff --git a/INSTALL.md b/INSTALL.md index 5212d5d..dfbb11a 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -110,9 +110,10 @@ Dangerzone is available for: -First, retrieve the PGP keys. +First, retrieve the PGP keys. The instructions differ depending on the specific +distribution you are using: -Starting with Trixie, follow these instructions to download the PGP keys: +For Debian Trixie, follow these instructions to download the PGP keys: ```bash sudo apt-get update && sudo apt-get install sq -y @@ -123,6 +124,20 @@ sq network keyserver \ --output /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg ``` +For Ubuntu Plucky (25.04), follow these instructions: + +```bash +apt-get update && apt-get install -y gnupg2 ca-certificates +mkdir -p /etc/apt/keyrings/ +dirmngr +gpg --keyserver hkps://keys.openpgp.org \ + --no-default-keyring + --recv-keys "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281" +gpg --export-options export-minimal --export \ + > /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg + +``` + On other Debian-derivatives: ```sh