DotDeb updates: Repo now GPG signed!

i know its actually slightly older news but its worth sharing anyway, the DotDeb repositories are now GPG signed so you can be more assured that the mirrors are as safe and secure as the central mirror and you also dont have to worry about the this repository is not encrypted/signed error any more. am writing an update from my old tutorial which can be found here basically because i have fielded quite a few questions from people wondering if the uk mirror was broke or something because it needed the gpg key now. as always latest instructions for the DotDeb mirrors can be found over at below is a tutorial for debian users to add the UK mirrors into your system, it is totally interchangeable with the other dotdeb mirrors, just switch the URL’s for your required mirror. In other related news, over the weekend I successfully moved the UK mirror over onto the new SAN 2.0 infrastructure at so it should be twice as redundant now!

for this guide i am assuming you are logged in to ssh at root level or ssh’ed in and using sudo su to operate at root level and have nano installed on debian (any debian image works)

first off you need to edit your sources list
[bash]nano /etc/apt/sources.list[/bash]

in this file you will see lots of lines beginning in deb or deb-src these are the other repositories your server will connect to for updates, you do not need to touch these. press the down arrow until you get to the bottom, for ease of reading create a new line and then either type or copy and paste in the following code to add the dotdeb repositories to apt

[bash]deb stable all
deb-src stable all[/bash]

note if you are outside the UK you may experience better results by using another mirror repo of which the listing can be found at :

once that is done press control-x to exit and say y to save changes

and hit enter to save as the same file name, this should send you back to the shell

you will then need to fetch the GPG key and add it into the apt system


gpg –keyserver –recv-key 89DF5277

gpg -a –export 89DF5277 | apt-key add -[/bash]

NOTE: if you use a firewall like CSF and it also blocks outgoing ports, be sure to trust the server or allow the tcp outgoing port of: 11371 through the firewall

now type [bash]apt-get update[/bash]

this will update apt with all the package lists and tell it about the new packages available

now you can type [bash]apt-get upgrade[/bash]

for me and i suspect for all users it will update all your php packages with the latest 5.2.14 (at time of writing) from dotdeb
but not mysql. i am not quite sure why this is the case but it may be because the virtual packages are already installed so you have to “reinstall” them to update them to the new ones.

BEFORE you do this however, if like me you like to retain your current config files and then merge changes down to it rather than make your tweaks to a new file you will hit a bug, the latest version of mysql has now fully stopped supporting Berkeley databases, in the 5.0.51a release with debian this support is disabled which is fine but if you try to update, mysql will fail to start and therefore error out your upgrade/install because it reads an invalid configuration (but it doesnt tell you this when it happens). all you have to do is edit your mysql config file (most commonly found on debian in /etc/mysql/my.cnf) and comment out the line


as the latest version of mysql doesnt support it, now you should be able to run

[bash]apt-get install mysql-server mysql-client[/bash]

to reinstall the packages from the new 5.1 branch from dotdeb with no problems at all

some quirks from this though

in order to prevent against segfaults with apache the php5-mysql module has been compiled against the old mysql libraries this means that php will report your mysql client as 5.0.51a where it is actually 5.1.50 (at time of writing) this shouldnt cause any problems and i have only seen so far that phpmyadmin complains but doesnt have any problems.

also apache is not yet included in the repository, neither is lighttpd or nginx, hopefully this will change soon and the above quirk will no longer be seen

if you want php5.3 its currently stored in a seperate repository because the author thinks that its still too early days to be using php 5.3 widely on production servers personally i think this a good call but if you want to use php 5.3 you will need to add the following repos as well as the basic ones

[code]deb stable all
deb-src stable all[/code]

for more info regarding php5.3 and dotdeb check here: but they are now at php 5.3.3 which also includes php-FPM πŸ™‚

Posted in General, HOWTO's, Tutorials
Tags: , , ,