Repository setup modification required and No Public Key available on Import.

[timothygwebb]

To Whom It May Concern: I have fixed this issue on my local.

The issue was that the configuration in /etc/apt/sources.list.d/
RE https://forum.virtualmin.com/t/virtualmin-apt-update-problems/129093/5

Part of the issue I was having was the following.

pub rsa4096 2017-05-01 [SC] [expired: 2024-04-29]
E36F 0664 7D8E BD2B E364 2BCE D9F9 0107 60D6 2A6B
uid [ expired] Virtualmin, Inc. (Package signing key for Virtualmin 6) [email protected]

sudo apt-key del "[ expired] Virtualmin, Inc. (Package signing key for Virtualmin 6) [email protected]"
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK

sudo apt-key add RPM-GPG-KEY-virtualmin-7.gpg
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK

pub rsa4096 2022-01-08 [SC] [expires: 2029-01-06]
586C 427B 9590 C1C4 35A5 FE39 3E57 0892 B9A0 B8B7
uid [ unknown] Virtualmin, Inc. (Package signing key for Virtualmin 7) [email protected]
sub rsa4096 2022-01-08 [E] [expires: 2029-01-06]

The installer script is adding keys into the apt-key repository for both 6 and 7 this is a failure on the script and its actions.

Checking for HTTP client .. found /usr/bin/wget -nv
2024-11-25 00:06:54 URL:https://software.virtualmin.com/lib/slib.sh [24222/24222] -> "slib.sh" [1]
[2024-11-25 00:06:54 EST] [INFO] Log will be written to: /home/timothywebbsr/Downloads/virtualmin-install.log
[2024-11-25 00:06:54 EST] [DEBUG] LOG_ERRORS_FATAL=1
[2024-11-25 00:06:54 EST] [DEBUG] LOG_LEVEL_STDOUT=INFO
[2024-11-25 00:06:54 EST] [DEBUG] LOG_LEVEL_LOG=DEBUG
Checking for Perl .... found Perl at /usr/bin/perl
Checking for HTTP client .. found /usr/bin/wget -nv
Checking for GPG .. found GPG command
[2024-11-25 00:06:54 EST] [INFO] Started Virtualmin 7 GPL software repositories setup
[2024-11-25 00:06:54 EST] [DEBUG] Install mode: setup
[2024-11-25 00:06:54 EST] [DEBUG] Product: Virtualmin GPL
[2024-11-25 00:06:54 EST] [DEBUG] virtualmin-install.sh version: 7.4.0
[2024-11-25 00:06:54 EST] [DEBUG] Installing serial number and license key into /etc/virtualmin-license
[2024-11-25 00:06:55 EST] [DEBUG] Operating system name: Ubuntu
[2024-11-25 00:06:55 EST] [DEBUG] Operating system version: 24.10
[2024-11-25 00:06:55 EST] [DEBUG] Operating system type: ubuntu
[2024-11-25 00:06:55 EST] [DEBUG] Operating system major: 24
[2024-11-25 00:06:55 EST] [DEBUG] Configuring package manager for Ubuntu 24.10 ..
[2024-11-25 00:06:55 EST] [DEBUG] apt-get repos: virtualmin
[2024-11-25 00:06:55 EST] [DEBUG] Installing Webmin and Virtualmin package signing keys ..
Spin pid is: 3057688
2024-11-25 00:06:55 URL:https://software.virtualmin.com/lib/RPM-GPG-KEY-virtualmin-7 [3212/3212] -> "RPM-GPG-KEY-virtualmin-7" [1]
Downloading Virtualmin 7 key: Success.
Spin pid is: 3057732
gpg: key 3E570892B9A0B8B7: "Virtualmin, Inc. (Package signing key for Virtualmin 7) [email protected]" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
Installing Virtualmin 7 key: Success.
Spin pid is: 3057758
### E: Conflicting values set for option Signed-By regarding source https://software.virtualmin.com/vm/7/gpl/apt/ virtualmin: /usr/share/keyrings/ubuntu-virtualmin-7.gpg != /usr/share/keyrings/RPM-GPG-KEY-virtualmin-7.gpg
E: The list of sources could not be read.
Downloading repository metadata: [2024-11-25 00:06:57 EST] [ERROR] Failed with error: 100
[2024-11-25 00:06:57 EST] [ERROR] Something went wrong. Exiting.
[2024-11-25 00:06:57 EST] [ERROR] The last few log entries were:

pub rsa4096 2017-05-01 [SC] [expired: 2024-04-29]
E36F 0664 7D8E BD2B E364 2BCE D9F9 0107 60D6 2A6B
uid [ expired] Virtualmin, Inc. (Package signing key for Virtualmin 6) [email protected]

pub rsa4096 2022-01-08 [SC] [expires: 2029-01-06]
586C 427B 9590 C1C4 35A5 FE39 3E57 0892 B9A0 B8B7
uid [ unknown] Virtualmin, Inc. (Package signing key for Virtualmin 7) [email protected]
sub rsa4096 2022-01-08 [E] [expires: 2029-01-06]

As noted in the referenced web page this does not resolve the issue. The reason being can be found in the screenshot attached the key that cannot be verified is a sub key on the signature that is being validated and this must be rectified.

The rest of the conversation is on supporting 24.10+ versions with the mandatory repository structure updates.

I would like to contribute the required information to help in updating the installer and repository script setup.

This is the new repository that will allow you to support 24.10+

The below is a snippet of the code requirements that would need to be modified.

However I do understand that the script has these items stored in variables.

With this said there are many areas of the script that would need to have this information updated due to the $vm6_repos in the script with the binary selections on whether or not it is used along with the $vm_version and os.

Script execution after manual required updates.

Get: 7 https://software.virtualmin.com/vm/7/gpl/apt virtualmin InRelease [10.7 kB]
Err https://software.virtualmin.com/vm/7/gpl/apt virtualmin InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3E570892B9A0B8B7
W: Failed to fetch https://software.virtualmin.com/vm/7/gpl/apt/dists/virtualmin/InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3E570892B9A0B8B7

Here are just a few of the required script updates I had to reverse engineer and or update to get it to begin working.

Install our keys

log_debug "Installing Webmin and Virtualmin package signing keys .."
download "https://$upgrade_virtualmin_host/lib/RPM-GPG-KEY-virtualmin-$vm_version" "Downloading Virtualmin $vm_version key"
run_ok "gpg --import RPM-GPG-KEY-virtualmin-$vm_version && cat RPM-GPG-KEY-virtualmin-$vm_version | gpg --dearmor > /usr/share/keyrings/debian-virtualmin-$vm_version.gpg" "Installing Virtualmin $vm_version key"
download "https://$upgrade_virtualmin_host/lib/RPM-GPG-KEY-webmin" "Downloading Webmin key"
run_ok "gpg --import RPM-GPG-KEY-webmin && cat RPM-GPG-KEY-webmin | gpg --dearmor > /usr/share/keyrings/debian-webmin.gpg" "Installing Webmin key"

ubuntu)
if [ "$os_version" != "18.04" ] && [ "$os_version" != "20.04" ] && [ "$os_version" != "22.04" ] && [ "$os_version" != "24.04" ]&& [ "$os_version" != "24.10" ];
then
printf "${RED}${os_real} ${os_version} is not supported by this installer.${NORMAL}\n"
exit 1

24.10*)
repos="Types: deb deb-src
URIs: https://software.virtualmin.com/vm/7/gpl/apt
Suites: virtualmin
Components: main
Signed-By: /usr/share/keyrings/RPM-GPG-KEY-virtualmin-7.gpg"

With that being said I have went to the extent to validate the signatures and public key availability which is not available by doing the following from the InRelease signature.

gpg --include-key-block --auto-key-import InRelease
gpg: Signature made Sun 18 Aug 2024 12:49:05 AM EDT
gpg: using RSA key 586C427B9590C1C435A5FE393E570892B9A0B8B7
gpg: Good signature from "Virtualmin, Inc. (Package signing key for Virtualmin 7) [email protected]" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 586C 427B 9590 C1C4 35A5 FE39 3E57 0892 B9A0 B8B7

They sub keys are not expired so I do not understand why they public key is not available. The screenshot below shows the non expired sub keys that are trying to be validated by the public key which is not available.

I have attached the below screenshots for proof of successful checks on a 24.10+ system using Oracular Oriole.

Let me know your thoughts on how the team would like to incorporate this information.

Output from request to reinstall some are available and some are not due to the sub key validation issue.

sudo apt install --reinstall virtualmin
Note, selecting 'webmin-virtualmin-init' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-sqlite' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-styles-oswd' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-awstats' for glob 'virtualmin'
Note, selecting 'virtualmin-config' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-messageoftheday' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-htpasswd' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-vsftpd' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-iframe' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-notes' for glob 'virtualmin'
Note, selecting 'virtualmin-base' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-registrar' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-powerdns' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-password-recovery' for glob 'virtualmin'
Note, selecting 'virtualmin-core' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-nginx-ssl' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-slavedns' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-dav' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-nginx' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-git' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-support' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-mailrelay' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-google-analytics' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-svn' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-oracle' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-multi-login' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-signup' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-disable' for glob 'virtualmin'
Note, selecting 'webmin-virtualmin-mailman' for glob 'virtualmin'
Reinstallation of virtualmin-config is not possible, it cannot be downloaded.
Reinstallation of virtualmin-core is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-awstats is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-htpasswd is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-dav is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-disable is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-git is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-google-analytics is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-iframe is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-init is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-mailman is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-mailrelay is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-messageoftheday is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-multi-login is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-nginx is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-nginx-ssl is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-notes is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-oracle is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-password-recovery is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-powerdns is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-registrar is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-signup is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-slavedns is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-sqlite is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-styles-oswd is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-support is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-svn is not possible, it cannot be downloaded.
Reinstallation of webmin-virtualmin-vsftpd is not possible, it cannot be downloaded.
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0

[iliajie]

Hello,

We don’t support non-LTS Ubuntu releases, as they’re not really suitable for servers or production enterprise environments. This has always been the case, though we might consider supporting it as a Grade B system.

[timothygwebb]

Hello,

We don’t support non-LTS Ubuntu releases, as they’re not really suitable for servers or production enterprise environments. This has always been the case, though we might consider supporting it as a Grade B system.

Thanks for letting me know. I would like to know more about this Grade B system and if I could be of any assistance.