1

I am simply trying to add ppa:shnatsel/minijail to my Ubuntu installation's APT system, but the design of this system majes it so hard to do. I try running sudo add-apt-repository ppa:shnatsel/minijail and I get

E: The repository 'http://ppa.launchpad.net/shnatsel/minijail/ubuntu focal Release' does not have a Release file.

I researched this error and found out this happened because the repository does not have an entry corresponding to Focal, so it can't verify the package. I checked the repo and saw the last Ubuntu version a package exists for is Trusty. So, I just added the file manually to /etc/apt/sources.list.d as shnatsel-minijail-ubuntu-trusty.list with the contents

deb http://ppa.launchpad.net/shnatsel/minijail/ubuntu trusty Release
#deb-src deb http://ppa.launchpad.net/shnatsel/minijail/ubuntu trusty Release

I run sudo apt-get update and I get a message telling me W: GPG error: http://ppa.launchpad.net/shnatsel/minijail/ubuntu trusty Release: The following signatures were invalid: <key ID>. Ugh! Now I run

sudo apt-key adv --keyserver.ubuntu.com --recv-keys <key ID>

The key ID can be found here under "Technical details". I run update and I get the same damn error message about the signature being invalid!

I'm running Ubuntu 20.04 and the most recent package from the repo in question is for 14.04. APT is incredibly opaque for dowloading stuff from old releases. What do I have to do to get APT to verify this package correctly?

Melab
  • 1,678
  • I can't be specific, but I recall flaws were detected in hashing/security-signature keys (all OSes; md5?) so all old keys were declared invalid by all OSes (inc. windows); trusty is before that flaw detection, focal no longer consider the old keys as trustworthy so you'll need to use --allow-unauthenticated to force the use. My memory is vague sorry. – guiverc Oct 01 '20 at 06:05
  • 1
    https://askubuntu.com/a/1240322/158442 – muru Oct 01 '20 at 06:39

0 Answers0