savannah-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to upgrade automake to 1.16.5?


From: Bob Proulx
Subject: Re: How to upgrade automake to 1.16.5?
Date: Sun, 15 Jan 2023 14:19:04 -0700

Hello afernandez,

You have reached the Savannah Users mailing list.  This is a community
of people who use the Savannah Free Software Forge.  The Savannah site
hosts hundreds of free software projects.  Both autoconf and automake
are among those hosted there.  But this list is more about how to use
the software forge site itself.

afernandez wrote:
> I was finally able to upgrade automake by using the gzipped files available
> at https://ftp.gnu.org/gnu/automake/.

For help about autoconf and automake the best place is to write to
the mailing lists associated with autoconf and automake.

    https://www.gnu.org/software/autoconf/
    https://www.gnu.org/software/automake/

afernandez wrote:
> In a Ubuntu 20.04 system, I had to upgrade autoconf to 2.71, which then
> required upgrading automake to 1.16.5. I'm following the instruction on the
> website

Which web site?

> but getting the following errors:
> wget https://ftp.gnu.org/gnu/automake/automake-1.16.5.tar.xz
> wget https://ftp.gnu.org/gnu/automake/automake-1.16.5.tar.xz.sig
> gpg --verify automake-1.16.5.tar.xz.sig
> gpg: directory '/home/ubuntu/.gnupg' created
> gpg: keybox '/home/ubuntu/.gnupg/pubring.kbx' created
> gpg: assuming signed data in 'automake-1.16.5.tar.xz'
> gpg: Signature made Mon Oct 4 03:23:30 2021 UTC
> gpg: using RSA key 155D3FC500C834486D1EEA677FD9FCCB000BEEEE
> gpg: Can't check signature: No public key
> gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE
> gpg: keyserver receive failed: Server indicated a failure
> Thanks.

I was able to import both of those keys without any problem.

    rwp@turmoil:~/tmp/junk/autotools$ gpg --keyserver keys.gnupg.net 
--recv-keys 91FCC32B6769AA64
    gpg: key 0x91FCC32B6769AA64: public key "Zack Weinberg <zackw@panix.com>" 
imported
    gpg: Total number processed: 1
    gpg:               imported: 1

    rwp@turmoil:~/tmp/junk/autotools$ gpg --keyserver keys.gnupg.net 
--recv-keys 7FD9FCCB000BEEEE
    gpg: key 0x7FD9FCCB000BEEEE: "Jim Meyering <jim@meyering.net>" 1 new user ID
    gpg: key 0x7FD9FCCB000BEEEE: "Jim Meyering <jim@meyering.net>" 3 new 
signatures
    gpg: Total number processed: 1
    gpg:           new user IDs: 1
    gpg:         new signatures: 3

And then with that was able to get a "Good signature" for both of
those compressed sources.  The Good Signature will verify that the
sources are those signed.

Note that unless you have a web of trust between you and the signer
that gpg will warn that the key is not trusted.  That's an unfortunate
effect of the trust system.  But if the signature verified and you
obtained the key from a trusted source without a web of trust that is
the best that can be done as far as I know.

Perhaps you could try the gpg key download again?  It should work.  It
worked for me.  If not then I would try one of the other key servers.

    https://gnupg.org/faq/gnupg-faq.html#new_user_default_keyserver

Hope this helps! :-)
Bob



reply via email to

[Prev in Thread] Current Thread [Next in Thread]