You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the DEB file is failing verification. It's been a while but based on my install scripts that I used, I'm fairly certain that the DEB file used to verify. The issue is that the DEB file itself is not being signed.
The solution is to add a step to the build process that runs something like:
This will add a file to the DEB file that includes a signature.
It should also be straightforward to sign the .changes and .dsc files as well which would be useful for others. Although for my purposes I only really care about verifying the actual DEB that I'm going to install directly.
Reproduction Steps
Install the public key to /usr/share/debsig/keyrings/49023CD01DE21A7B/debsig.gpg
Install the debsig policy file to /etc/debsig/policies/49023CD01DE21A7B/debsig.pol
Run debsig-verify ./<jellyfin_deb_file>.deb
Example debsig.pol file:
<?xml version="1.0"?>
<!DOCTYPEPolicy SYSTEM "https://www.debian.org/debsig/1.0/policy.dtd">
<Policyxmlns="https://www.debian.org/debsig/1.0/">
<OriginName="Jellyfin"id="49023CD01DE21A7B"Description="Jellyfin Media Server"/>
<Selection>
<RequiredType="origin"File="debsig.gpg"id="49023CD01DE21A7B"/>
</Selection>
<VerificationMinOptional="0">
<RequiredType="origin"File="debsig.gpg"id="49023CD01DE21A7B"/>
</Verification>
</Policy>
Actual Behavior
Message stating:
Origin Signature check failed. This deb might not be signed.
Expected Behavior
I expect that there will be a message stating that the DEB file is valid.
Jellyfin Version
10.8.13
if other:
No response
Environment
- OS: Linux (Ubuntu)
- Linux Kernel: N/A
- Virtualization: N/A
Jellyfin logs
N/A
FFmpeg logs
No response
Please attach any browser or client logs here
No response
Please attach any screenshots here
No response
Code of Conduct
I agree to follow this project's Code of Conduct
The text was updated successfully, but these errors were encountered:
Please describe your bug
Currently the DEB file is failing verification. It's been a while but based on my install scripts that I used, I'm fairly certain that the DEB file used to verify. The issue is that the DEB file itself is not being signed.
The solution is to add a step to the build process that runs something like:
This will add a file to the DEB file that includes a signature.
It should also be straightforward to sign the
.changes
and.dsc
files as well which would be useful for others. Although for my purposes I only really care about verifying the actual DEB that I'm going to install directly.Reproduction Steps
/usr/share/debsig/keyrings/49023CD01DE21A7B/debsig.gpg
/etc/debsig/policies/49023CD01DE21A7B/debsig.pol
debsig-verify ./<jellyfin_deb_file>.deb
Example
debsig.pol
file:Actual Behavior
Message stating:
Expected Behavior
I expect that there will be a message stating that the DEB file is valid.
Jellyfin Version
10.8.13
if other:
No response
Environment
Jellyfin logs
FFmpeg logs
No response
Please attach any browser or client logs here
No response
Please attach any screenshots here
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: