| From: | Laura Smith <n5d9xq3ti233xiyif2vp(at)protonmail(dot)ch> |
|---|---|
| To: | postgre <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Obsolete Linux downloads (Debian) instructions |
| Date: | 2024-04-12 10:43:52 |
| Message-ID: | t302wUcbygPnZ0Kg1Kbxbe9K6iKcK47rpXQhZvOwBPJ1jn-qTOG4V2bFIIrr7bSXtvjC8vCSPLsvkBNSVqM2pU8I5xyWc86DOkGf17AxXK4=@protonmail.ch |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi
Who do I have to badger to get the obsolete and frankly dangerous Debian repo instructions fixed @ https://www.postgresql.org/download/linux/debian/ ?
The manner proposed is really "not the done thing" in 2024 and it has been explicitly obsoleted by Debian so the project really should not be promoting it as a supported manner to do things.
TL;DR: You should not be using blindly trusting keys for all repos (which is what apt-key add does). See : https://wiki.debian.org/DebianRepository/UseThirdParty
Something like this is the way it should be done:
# Install GPG Certcurl -fsSL "https://www.postgresql.org/media/keys/ACCC4CF8.asc" \
| gpg --dearmor \
| sudo sponge /etc/apt/keyrings/postgresql.gpg
# Create source list file
. /etc/os-release
echo "deb [signed-by=/etc/apt/keyrings/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt ${VERSION_CODENAME}-pgdg main" \
| doas sponge /etc/apt/sources.list.d/postgresql.list
## Install
doas apt-get update && apt-get -y install postgresql
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2024-04-12 10:57:48 | Re: Obsolete Linux downloads (Debian) instructions |
| Previous Message | Thierry Henrio | 2024-04-12 10:33:06 | effect on planner of turning a subquery to a table, sql function returning table |