存储库“ http://dl.google.com/linux/chrome/deb稳定发行版”未签名

时间:2019-04-12 08:03:19

标签: linux google-chrome ubuntu apt

在CircleCi设置中,我需要执行以下步骤来安装Google Chrome:

  - run:
      name: Install Chrome headless
      working_directory: /
      command: |
        wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
          echo "deb http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google.list && \
          apt-get update && \
          apt-get install -y dbus-x11 google-chrome-unstable && \
          rm -rf /var/lib/apt/lists/*

它停止工作并返回以下错误消息:

W: GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures were invalid: EXPKEYSIG 1397BC53640DB551 Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
W: The repository 'http://dl.google.com/linux/chrome/deb stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Reading package lists... Done


Building dependency tree       


Reading state information... Done

The following additional packages will be installed:
  libappindicator3-1 libdbusmenu-gtk3-4 libindicator3-7
Recommended packages:
  libu2f-udev
The following NEW packages will be installed:
  dbus-x11 google-chrome-unstable libappindicator3-1 libdbusmenu-gtk3-4
  libindicator3-7
0 upgraded, 5 newly installed, 0 to remove and 48 not upgraded.
Need to get 60.4 MB of archives.
After this operation, 214 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
  google-chrome-unstable
E: There were unauthenticated packages and -y was used without --allow-unauthenticated
Exited with code 100

我该如何解决?

4 个答案:

答案 0 :(得分:17)

你不知道。您必须等待Google更新其密钥并进行更新。

重要信息是:

  

以下签名无效:EXPKEYSIG 1397BC53640DB551 Google Inc.(Linux软件包签名机构)

这意味着密码签名无效。造成这种情况的原因可能是攻击,配置错误或其他类型的技术问题。强制系统更新将导致运行未经验证的Web浏览器版本,从而使您面临很多安全问题。

答案 1 :(得分:7)

与这个问题相同(相差10分钟):https://askubuntu.com/questions/1133199/the-following-signatures-were-invalid-expkeysig-1397bc53640db551

简短说明:Google方面的GPG密钥已过期,因此您(我们)必须等待。

答案 2 :(得分:2)

计划1

  

这是您从这些检查中获得的保护。你不   想要立即更新您的软件,而有些麻烦   谷歌的终结。等待他们修复它。不要试图以   重新安装密钥,直到有官方消息说新密钥是   解决方案。

计划2

  

等待直到他们解决问题,才可能不是所有人的选择。例如。这是   为我们打破CI流程。如果您现在正在做什么,则可能   冒险并通过添加暂时禁用此存储库的检查   [trusted = yes]为其配置:deb [trusted = yes]   http://dl.google.com/linux/chrome/deb/稳定的主体–

source

答案 3 :(得分:0)

我只是将 etc/apt/sources.list.d/google-chrome.list 中的条目注释掉,所以我看不到错误了。

相关问题
最新问题