Re: pgdg-keyring (or apt-key) failure on fresh 9.6 install

Moreno Andreo <moreno.andreo@evolu-s.it> writes:

> Hi Tim,
>
> Il 29/05/2018 00:06, Tim Cross ha scritto:
>> Moreno Andreo <moreno.andreo@evolu-s.it> writes:
>>
>>> Hi folks,
>>> I'm trying to install Postgresql 9.6 on a test machine in Google Cloud
>>> Platform
>>> After a fresh install with Debian 9 (just after the instance has been
>>> created) I follow steps from here
>>>
>>> https://wiki.postgresql.org/wiki/Apt
>>>
>>> (instead of pg 10 I install pg 9.6)
>>>
>>> During the installation process i encounter the following strange
>>> warnings that, even if that's a test machine, make me think twice before
>>> going ahead.
>>>
>>> [...]
>>> Processing triggers for man-db (2.7.6.1-2) ...
>>> Setting up pgdg-keyring (2017.3) ...
>>> Removing apt.postgresql.org key from trusted.gpg: Warning: The postinst
>>> maintainerscript of the package pgdg-keyring
>>> Warning: seems to use apt-key (provided by apt) without depending on
>>> gnupg or gnupg2.
>>> Warning: This will BREAK in the future and should be fixed by the
>>> package maintainer(s).
>>> Note: Check first if apt-key functionality is needed at all - it
>>> probably isn't!
>>> OK
>>> Setting up xml-core (0.17) ...
>>> [...]
>>>
>>> I have to say that installation is successfully and database server goes
>>> up and apparently with no problems at all.
>>>
>> This looks like a warning for the package maintainers regarding ensuring
>> the package depends on either gnupg or gnupg2 and nothing you need to
>> worry about unless you are building/maintaining deb packages for postgres.
> Brilliant. That's what I needed to know. Just to avoid bitter surprises 
> in the future... :-)
>>
>> The Debian package manager, apt, uses gpg keys to verify the
>> authenticity of packages it downloads. My guess is that previously, you
>> only needed to ensure the package had a dependency on apt-key and now
>> apt has/is changing such that you need to have an explicit dependency on
>> either gnupg or gnupg2.
>>
> ... so if I update/upgrade this instance in the future it will be 
> automatically fixed (and there shouldn't be issues), right?
> Thanks a lot!
>

Right. In fact, there are no issues now. That warning is from the Debian
package management system and about the package management system, so
nothing to do with Postgres.

When you upgrade in the future, provided the new Postgres packages have
been created with the dependency for gnupg/gnupg2, there will be no
warnings.

Personally, I tend to prefer using the packages which come with the
particular flavour of Linux your installing as they are often more
in-line with the current version of the package management system being
used. I only grab packages from the specific Postgres repo if the
package is not in the current version of the distribution I'm
installing. 

-- 
Tim Cross