• skip to sidebar
  • skip to search box

trainedmonkey

by Jim Winstead Jr.

Entries tagged 'ubuntu'

Configuring third-party Apt repositories with Ubuntu

I just upgraded my primary development machine to the latest Ubuntu LTS (24.04.1) and it disabled the third-party sources I had set up for things like WezTerm, Tailscale, Syncthing, and the GitHub CLI. (It warned it would be doing this.)

When I re-enabled them, I finally made sure they were set up in the modern-ish way and no longer complained about keys that were installed using deprecated methods.

Now, the keychain for each repository is in the /usr/share/keyrings directory in a file named something like tailscale-archive-keyring.gpg. Some of the keys were mashed together in /etc/apt/trusted.gpg before, but apt-key list showed those were keys that I had individually under /usr/share/keyrings so I just went ahead and deleted /etc/apt/trusted.gpg entirely.

For each repository, there is either a repository.list or repository.sources file in /etc/apt/sources.list.d. The .list files are in “one line format”, and the .sources files in a friendlier key-value format called “deb822”. The formats are explained the sources.list(5) man page.

For example, here’s the /etc/apt/sources.list.d/tailscale.sources:

Enabled: yes
Types: deb
URIs: https://pkgs.tailscale.com/stable/ubuntu
Suites: noble
Components: main
Signed-By: /usr/share/keyrings/tailscale-archive-keyring.gpg

And /etc/apt/sources.list.d/wezterm.list:

deb [signed-by=/usr/share/keyrings/wezterm-fury.gpg] https://apt.fury.io/wez/ * *

The files in my /etc/apt/sources.list.d were a bit of a jumble, where some had been renamed with an extra .distUpgrade extension and the deb822-formated files had Enabled: no. I moved everything back into the proper filenames and changed those yeses to nos, and now when I run apt update it pulls all from all of the appropriate sources and doesn’t complain about any deprecated keys.

Instead of referencing a key file in the Signed-By line of a source, you can also directly embed the ASCII representation of the key. With that, the tailscale.sources looks like:

Enabled: yes
Types: deb
URIs: https://pkgs.tailscale.com/stable/ubuntu
Suites: noble
Components: main
Signed-By:
 -----BEGIN PGP PUBLIC KEY BLOCK-----

 mQINBF5UmbgBEADAA5mxC8EoWEf53RVdlhQJbNnQW7fctUA5yNcGUbGGGTk6XFqO
 nlek0Us0FAl5KVBgcS0Bj+VSwKVI/wx91tnAWI36CHeMyPTawdT4FTcS2jZMHbcN
 UMqM1mcGs3wEQmKz795lfy2cQdVktc886aAF8hy1GmZDSs2zcGMvq5KCNPuX3DD5
 INPumZqRTjwSwlGptUZrJpKWH4KvuGr5PSy/NzC8uSCuhLbFJc1Q6dQGKlQxwh+q
 AF4uQ1+bdy92GHiFsCMi7q43hiBg5J9r55M/skboXkNBlS6kFviP+PADHNZe5Vw0
 0ERtD/HzYb3cH5YneZuYXvnJq2/XjaN6OwkQXuqQpusB5fhIyLXE5ZqNlwBzX71S
 779tIyjShpPXf1HEVxNO8TdVncx/7Zx/FSdwUJm4PMYQmnwBIyKlYWlV2AGgfxFk
 mt2VexyS5s4YA1POuyiwW0iH1Ppp9X14KtOfNimBa0yEzgW3CHTEg55MNZup6k2Q
 mRGtRjeqM5cjrq/Ix15hISmgbZogPRkhz/tcalK38WWAR4h3N8eIoPasLr9i9OVe
 8aqsyXefCrziaiJczA0kCqhoryUUtceMgvaHl+lIPwyW0XWwj+0q45qzjLvKet+V
 Q8oKLT1nMr/whgeSJi99f/jE4sWIbHZ0wwR02ZCikKnS05arl3v+hiBKPQARAQAB
 tERUYWlsc2NhbGUgSW5jLiAoUGFja2FnZSByZXBvc2l0b3J5IHNpZ25pbmcga2V5
 KSA8aW5mb0B0YWlsc2NhbGUuY29tPokCTgQTAQgAOBYhBCWWqZ6qszghiTwKeUWM
 qDKVf1hoBQJeVJm4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEEWMqDKV
 f1hoWHEP/1DYd9WZrodyV5zy1izvj0FXtUReJi374gDn3cHrG6uYtXcE9HWZhxQD
 6nDgYuey5sBhLvPQiE/sl5GYXNw/O95XVk8HS54BHCCYq1GeYkZaiCGLGFBA08JK
 7PZItGsfdJHwHfhSMtGPS7Cpmylje9gh8ic56NAhC7c5tGTlD69Y8zGHjnRQC6Hg
 wF34jdp8JTQpSctpmiOxOXN+eH8N59zb0k30CUym1Am438AR0PI6RBTnubBH+Xsc
 eQhLJnmJ1bM6GP4agXw5T1G/qp95gjIddHXzOkEvrpVfJFCtp91VIlBwycspKYVp
 1IKAdPM6CVf/YoDkawwm4y4OcmvNarA5dhWBG0Xqse4v1dlYbiHIFcDzXuMyrHYs
 D2Wg8Hx8TD64uBHY0fp24nweCLnaZCckVUsnYjb0A494lgwveswbZeZ6JC5SbDKH
 Tc2SE4jq+fsEEJsqsdHIC04d+pMXI95HinJHU1SLBTeKLvEF8Zuk7RTJyaUTjs7h
 Ne+xWDmRjjR/D/GXBxNrM9mEq6Jvp/ilYTdWwAyrSmTdotHb+NWjAGpJWj5AZCH9
 HeBr2mtVhvTu3KtCQmGpRiR18zMbmemRXUh+IX5hpWGzynhtnSt7vXOvhJdqqc1D
 VennRMQZMb09wJjPcvLIApUMl69r29XmyB59NM3UggK/UCJrpYfmuQINBF5UmbgB
 EADTSKKyeF3XWDxm3x67MOv1Zm3ocoe5xGDRApPkgqEMA+7/mjVlahNXqA8btmwM
 z1BH5+trjOUoohFqhr9FPPLuKaS/pE7BBP38KzeA4KcTiEq5FQ4JzZAIRGyhsAr+
 6bxcKV/tZirqOBQFC7bH2UAHH7uIKHDUbBIDFHjnmdIzJ5MBPMgqvSPZvcKWm40g
 W+LWMGoSMH1Uxd+BvW74509eezL8p3ts42txVNvWMSKDkpiCRMBhfcf5c+YFXWbu
 r5qus2mnVw0hIyYTUdRZIkOcYBalBjewVmGuSIISnUv76vHz133i0zh4JcXHUDqc
 yLBUgVWckqci32ahy3jc4MdilPeAnjJQcpJVBtMUNTZ4KM7UxLmOa5hYwvooliFJ
 wUFPB+1ZwN8d+Ly12gRKf8qA/iL8M5H4nQrML2dRJ8NKzP2U73Fw+n6S1ngrDX8k
 TPhQBq4EDjDyX7SW3Liemj5BCuWJAo53/2cL9P9I5Nu3i2pLJOHzjBSXxWaMMmti
 kopArlSMWMdsGgb0xYX+aSV7xW+tefYZJY1AFJ1x2ZgfIc+4zyuXnHYA2jVYLAfF
 pApqwwn8JaTJWNhny/OtAss7XV/WuTEOMWXaTO9nyNmHla9KjxlBkDJG9sCcgYMg
 aCAnoLRUABCWatxPly9ZlVbIPPzBAr8VN/TEUbceAH0nIwARAQABiQI2BBgBCAAg
 FiEEJZapnqqzOCGJPAp5RYyoMpV/WGgFAl5UmbgCGwwACgkQRYyoMpV/WGji9w/8
 Di9yLnnudvRnGLXGDDF2DbQUiwlNeJtHPHH4B9kKRKJDH1Rt5426Lw8vAumDpBlR
 EeuT6/YQU+LSapWoDzNcmDLzoFP7RSQaB9aL/nJXv+VjlsVH/crpSTTgGDs8qGsL
 O3Y2U1Gjo5uMBoOfXwS8o1VWO/5eUwS0KH7hpbOuZcf9U9l1VD2YpGfnMwX1rnre
 INJqseQAUL3oyNl76gRzyuyQ4AIA06r40hZDgybH0ADN1JtfVk8z4ofo/GcfoXqm
 hifWJa2SwwHeijhdN1T/kG0FZFHs1DBuBYJG3iJ3/bMeL15j1OjncIYIYccdoEUd
 uHnp4+ZYj5kND0DFziTvOC4WyPpv3BlBVariPzEnEqnhjx5RYwMabtTXoYJwUkxX
 2gAjKqh2tXissChdwDGRNASSDrChHLkQewx+SxT5kDaOhB84ZDnp+urn9A+clLkN
 lZMsMQUObaRW68uybSbZSmIWFVM1GovRMgrPG3T6PAykQhFyE/kMFrv5KpPh7jDj
 5JwzQkxLkFMcZDdS43VymKEggxqtM6scIRU55i059fLPAVXJG5in1WhMNsmt49lb
 KqB6je3plIWOLSPuCJ/kR9xdFp7Qk88GCXEd0+4z/vFn4hoOr85NXFtxhS8k9GfJ
 mM/ZfUq7YmHR+Rswe0zrrCwTDdePjGMo9cHpd39jCvc=
 =AIVM
 -----END PGP PUBLIC KEY BLOCK-----

I converted the binary format of the key (the .gpg file) into that text representation with:

$ gpg --keyring tailscale-archive-keyring.gpg --no-default-keyring --export -a
» Wednesday, September 11, 2024 @ 12:14pm » ubuntu, tailscale, DevOps, Debian » Bluesky butterfly logo » Comment

Thoughts from SCALE 21x, day 1

The entry to the registration area at the Southern California Linux Expo.

Today was the first day of the 21st Southern California Linux Expo, also known as SCALE 21x. I gave a talk at way back at SCALE 4x and hadn’t made it back since then.

I attended a couple of talks on the UbuCon track at the beginning of the day. They weren’t technical talks, but focused on how the Ubuntu community operates and how Canonical relates to that. It sounds like Canonical has opened itself up more to the community by adopting Matrix as both their internal communications tool as well as what the community uses, which I think is very important for encouraging the developers in a commercial open source environment to engage with the community. This was an issue for us back in the MySQL days, too.

(There was also a comment about “neck beards” being annoying about not adopting newer communication tools and wanting everyone to stick with IRC, I think coming from someone involved with openSUSE, which I thought was kind of funny.)

After that, I popped over to the beginning of the Kwaai Personal AI Summit because Doc Searls was giving a (brief) talk and I thought I would see if there was anything to this AI thing that I’ve been hearing about. The room had a lot of old dude energy that just wasn’t sitting right with me, so I ended up bailing after Doc’s talk.

Since I left that earlier than I had planned, I ended up wandering into a PostgreSQL talk on how “wait events” can be used for troubleshooting performance, and I had a déjà vu moment because only yesterday I had run across the old Worklog for MySQL’s PERFORMANCE_SCHEMA which blames credits me for suggesting that’s what the name of the schema should be. It was yet another random “plate of shrimp” moment that has been happening with frequency as of late.

Then I attended a workshop from the Kubernetes Community Day track on using Argo CD to put the OpenGitOps principles into practice. While I have been using Docker for a while, I haven’t really played around with Kubernetes or other container automation tools, so I figured this might be a good way to start learning more. Unfortunately, the hands-on workshop part of the session didn’t actually work due to some problem with the training environment from the sponsoring company, which kind of helped reinforce my instinct that a lot of these tools still have a lot of sharp edges. The concept sounds great, though.

Finally, I popped back over to the PostgreSQL track for their (apparently popular) “Ask Me Anything” session with some of the prominent community members and core developers that were in attendance. I was reminded today that the PostgreSQL project doesn’t have a bug tracker aside from their mailing list archive. I remembered writing about this before, and it turns out that was in 2008. (No shade intended that they don’t have one, it seems to be working out okay.)

That was the day. I really don’t want to seem like I am passing any judgement on anything because I know that putting on an event like this is tremendously difficult, and while there is an impressive line-up of sponsors this is clearly a community-driven and focused event. I was disappointed by how old, white, and male the crowd seemed to be (fully acknowledging that’s my demographic), and I’ll be interested to see if that holds true for the whole run or if this an outlier day because it was more workshop-oriented and the expo floor wasn’t open.

» Thursday, March 14, 2024 @ 10:21pm » mysql, ubuntu, postgresql, AI, SCALE21x, Matrix, kubernetes, Kwaai » » Comment

Back on Linode

For some reason I couldn’t keep the the instances I was setting up on Oracle Cloud Infrastructure (OCI) from eating themselves when I did something fancy like run apt-get update, so I moved everything back to Linode ($100 referral credit there) on one of the lowest-price Nanode compute instances.

I took the opportunity to rebuild the host on Debian just to give that a spin. My setup runs on containers managed by docker-compose, so the underlying system doesn’t matter to me that much.

I should probably be using this as an opportunity to learn some infrastructure-as-code tools.

» Friday, March 8, 2024 @ 6:30pm » ubuntu, linode, OCI, Debian » Bluesky butterfly logo » Comment

a very dorky sunday

today i upgraded the (virtual) machine that hosts this site and some others to karmic koala. in the process, i discovered that linode’s user-mode linux kernel is not up-to-date enough for that, so i had to migrate to one of their xen hosts (totally painless, and probably long overdue).

i also wrote the beginnings of an endpoint for tweetie 2’s new support for a custom image server, which explains the earlier picture of wonton. a custom url shortener will be next to come.

oh, and i made banana bread.

» Monday, December 7, 2009 @ 8:40am » ubuntu, wonton, linode, tweetie, baking » Comment

pthread_rwlock_wrlock bug on amd64 with hoary hedgehog

my otherwise-painless upgrade to ubuntu’s hoary hedgehog release was marred by a bug in pthread_rwlock_wrlock() on amd64 that was fixed in the upstream glibc more than a year ago. ugh.

i wonder what the policy of ubuntu is with regard to fixing things like this. i really hope i don’t have to created a patched glibc myself.

on the bright side, the upgrade fixed the xserver configuration, so now it starts up and shows the pretty login screen. i logged in and it looked and sounded pretty.

» Friday, June 10, 2005 @ 6:54pm » mysql, bugs, ubuntu » Comment

the best part of matthew thomas’s review of usability problems with ubuntu is the punchline.

» Tuesday, April 12, 2005 @ 1:25pm » software, ubuntu, usability » Comment
  • Home
  • About
  • Archive
  • Bookmarks
  • Photos
  • Projects
  • GitHub
  • @jimw@mefi.social

Dedicated to the public domain by Jim Winstead Jr.