Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

Virtualbox install problem, fresh install, GPG key error [SOLVED] by myself

Started by dcarrco, December 18, 2016, 06:34:54 PM

Previous topic - Next topic

dcarrco

so i was using Sparky earlier in the year and it worked well.  then i got overconfident and moved to Siduction because it uses the unstable debian channel and i thought living on the edge would be great.  unfortunately that left me with whole days where i couldnt use my computer.  so im back to Sparky.  i have spent last night and today re-installing everything i use and getting my system the way i like it.  everything has been going smoothly until i try to install virtualbox.  i will start at the beginning.  i uncomment the line in /etc/apt/sources.list.d/virtualbox.list and run sudo apt-get update:
Get:1 http://download.virtualbox.org/virtualbox/debian wheezy InRelease [7,158 B]
Hit:2 http://ftp.debian.org/debian testing InRelease                                                                                                     
Hit:3 http://security.debian.org testing/updates InRelease                                                                                       
Hit:4 http://www.deb-multimedia.org testing InRelease                                         
Hit:5 http://sparkylinux.org/repo testing InRelease                     
Err:1 http://download.virtualbox.org/virtualbox/debian wheezy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54422A4B98AB5139
Reading package lists... Done
W: GPG error: http://download.virtualbox.org/virtualbox/debian wheezy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54422A4B98AB5139
E: The repository 'http://download.virtualbox.org/virtualbox/debian wheezy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.


so.  of course i add the key
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 54422A4B98AB5139
Executing: /tmp/tmp.NLMFEAkokr/gpg.1.sh --recv-keys --keyserver keyserver.ubuntu.com 54422A4B98AB5139
gpg: key 54422A4B98AB5139: public key "Oracle Corporation (VirtualBox archive signing key) <info@virtualbox.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1


and then update again.  no problem, right?  uh oh
sudo apt update
Get:1 http://download.virtualbox.org/virtualbox/debian wheezy InRelease [7,158 B]
Hit:2 http://security.debian.org testing/updates InRelease                                                                                                                 
Err:1 http://download.virtualbox.org/virtualbox/debian wheezy InRelease                                                                                                     
  The following signatures were invalid: 7B0FAB3A13B907435925D9C954422A4B98AB5139
Hit:3 http://ftp.debian.org/debian testing InRelease                                                                                                                       
Hit:4 http://www.deb-multimedia.org testing InRelease                                         
Hit:5 http://sparkylinux.org/repo testing InRelease                     
Reading package lists... Done                     
W: GPG error: http://download.virtualbox.org/virtualbox/debian wheezy InRelease: The following signatures were invalid: 7B0FAB3A13B907435925D9C954422A4B98AB5139
E: The repository 'http://download.virtualbox.org/virtualbox/debian wheezy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.


so i look it up and try the solutions over at virtualbox
# sudo -s -H
# apt-get clean
# rm /var/lib/apt/lists/*
# rm /var/lib/apt/lists/partial/*
# apt-get clean
# apt-get update


and i run the whole thing again.  but no.  still get a Invalid Signature response.  this has been holding me up for hours.  anyone?

EDIT:  ok.  so i changed the /etc/apt/sources.list.d/virtualbox.list entry to deb http://download.virtualbox.org/virtualbox/debian/ jessie contrib then updated.  it complained about a key so i ran
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com A2F683C52980AECF and now it updates fine without complaining about keys.  YAY.  but...

sudo apt install virtualbox-5.1
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
virtualbox-5.1 : Depends: libvpx1 (>= 1.0.0) but it is not installable
                  Recommends: libsdl-ttf2.0-0 but it is not going to be installed
                  Recommends: linux-image but it is not installable
E: Unable to correct problems, you have held broken packages.


EDIT:
ok so i verified no held packages.  i was thinking wheezy this whole time because thats what the line in /etc/apt/sources.list.d/virtualbox.list said, but
then i downloaded the jessie DEB file from virtualbox.org and then the stretch DEB file and THAT one installed.  so.  i guess it makes sense but
i thought the Sparky folks had the APT source list set to wheezy for a reason. 

paxmark1

https://packages.debian.org/sid/virtualbox           Note - there is no candidate for virtualbox in Testing-Stretch.  There is in Sid.    There is chatter about it, it is a mild nightmare for the DD what with the non-free virtualbox.  My recollection is that it is about long term availability of security fixes in a timely manner. 

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794466   Note:  first date is August 3, 2015
https://lists.debian.org/debian-backports/2016/12/msg00042.html
http://metadata.ftp-master.debian.org/changelogs/contrib/v/virtualbox/virtualbox_5.1.10-dfsg-2_changelog 

Things do disappear from testing while they remain in sid during a freeze, much of it is a forcing of upstream above Debian to fix grave and security bugs.  Also the migration with virtualbox to python3 happened, it is a very complex package.  However bug #830878 is listed as closed now.   Right now it is a waiting game.  For me, I have it on my main debian testing machine which has Stretch and it has been spawning way too many threads in itself and possibly onto other programs they as they seem to freeze  when I run virtualbox.

It might be similar to the mysql mariadb "thing", and since Debian's #1 focus is a secure and rock stable stable, now might be the time for me to retry qemu-kvm.   Please read message 125 from Dec 18, 2016 of bug #794466.  Note, I had no problems in the virtualboxes I just fired up with Siduction LXQT and Windows 7, but in bare metal testing my browser froze up when I started up virtualbox. 

peace out.
Search forum for "More info easier via inxi"    If requested -  no inxi, no help for you by  me.

View the most recent posts on the forum