mohammad7410 at gmail
Dec 15, 2010, 11:48 AM
Post #22 of 35
On Wed, Dec 15, 2010 at 9:34 PM, Andrew Flegg <andrew [at] bleb> wrote:
> On Wed, Dec 15, 2010 at 19:30, Mohammad Abu-Garbeyyeh
> <mohammad7410 [at] gmail> wrote:
> > If any dirty workarounds have to be done, I would've removed Nokia's
> > repositories from the trusted list in HAM's configuration file and
> > announced the SSU long ago.
> Well, that's still an approach open to us if it's all or nothing.
> > Sadly, no one's offering to help with it, might as well start reading
> > all of HAM's source to see what goes where and why.
> Could you bring the list (or, perhaps, maemo-developers) up to speed on:
> a) Where you're at.
> b) What the problems are.
> c) What approaches you've tried/discounted.
I'm sure I sent an email about that last month ;)
Anyway, the SSU is all set up and can in fact be used on devices, however,
it will only work with apt, and HAM will ignore packages from the repo.
Niels also set up a builder, so we can distribute packages with their
The postinst file currently adds the GPG key with apt-key, so that's apt-get
working fine with packages being authorised and all.
It also adds the fingerprint of the key to HAM's config file, and with the
package, it also adds <certified/> to the config, as is done with the
SSU repos, the trust level is also set to 650, higher than all other repos,
yet HAM still ignores the packages.
Another problem at hand is that we're replacing Nokia's meta packages with
our own ones (locales aren't depended on, so one package should work on
all firmwares (002, 003 etc...)), however, to do this, apt and HAM should
be running, and a terminal window has to be launched from the postinst
(which, for some reason, works when installing with dpkg, but not with apt).
The last problem isn't something to worry about, I guess we can make a quick
GUI to enable and/or disable the community SSU, which the user clicks after
installation, it's a one-time process for the user.
So the only major problem right now is HAM ignoring packages from the
or the "wrong domain" as logs show.