Saturday, December 14, 2019

Add buster-backports to a Raspberry Pi

Lets assume you wanted some app from buster-backports, usually because its more up to date than the version in buster. The Raspberry Pi foundation doesn't have a backports repo so you have to use the Debian one instead. This is how to add it.

Update: March 2021

The Raspberry Pi OS 64 bit already has the necessary signing keys. I haven't used the 32 bit one for a while but it may also have the necessary signing keys. You only need to do point 2 if you get an error telling you you don't have the GPG keys.

As mentioned in the comments the GPG keyservers disappear. The kfwebs.net listed below is no longer available but there are others listed in the comments that can be used instead.

 


1. Add to /etc/apt/sources.list
This adds the Debian buster-backports repo to our list of repositories to use. To edit the list of repositories:

sudo nano /etc/apt/sources.list

Add the following line to the end

deb http://deb.debian.org/debian buster-backports main


2. Add Debian Buster keys
This adds the signing keys so we can trust the Debian repos.

gpg --keyserver hkp://keys2.kfwebs.net:80 --recv-keys 04EE7237B7D453EC
gpg --keyserver hkp://keys2.kfwebs.net:80 --recv-keys 648ACFD622F3D138

gpg --export 04EE7237B7D453EC | sudo apt-key add -
gpg --export 648ACFD622F3D138 | sudo apt-key add -



3. Tell apt to update
Tell apt to get the latest list of packages.

sudo apt update


4. See if there is an updated package
If you want to see if there is an updated package called xxx use the following command:

sudo apt list xxx -a


5. Get a package from the backports repo
By default apt won't install packages from the backports repo, you need to tell it. If we want to install package xxx from buster-backports use the following command:

sudo apt install -t buster-backports xxx

6 comments:

Jim Jackson jj@franjam.org.uk said...

Hi Mark, I'm trying to follow using the buster backports stuff, but get...

# gpg --keyserver hkp://keys2.kfwebs.net:80 --recv-keys 04EE7237B7D453EC
gpg: keyserver receive failed: No keyserver available

can you advise on where to get the keys?

cheers
Jim

Mark G James said...

Unfortunately PGP key servers seem to come and go. A quick google search suggests using pgp.mit.edu, keys.gnupg.net, wwwkeys.pgp.net or keyring.debian.org.

Ted B said...

I had trouble with a couple different GPG keyservers, so I installed the package signing keys a different way. Debian provides them in the package "debian-archive-keyring". To avoid the chicken-and-egg problem, I downloaded the package manually from https://packages.debian.org/buster/all/debian-archive-keyring/download . Here was my process:

1. Copy the HTTP link from that site.
2. On the RPi, `curl -O http://http.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2019.1_all.deb`
3. For extra paranoia, ensure the SHA256 checksum of the downloaded file matches the expected value on the download page: `sha256sum debian-archive-keyring_2019.1_all.deb`
4. Install the package: `sudo dpkg -i debian-archive-keyring_2019.1_all.deb`
5. Proceed as normal with `sudo apt update`, `sudo apt install XXX` etc.

Mark G James said...

I tried Ted B's approach. The only thing that isn't correct is the URL he is using. Its got http: twice which it doesn't need. I suggest using this instead:

curl -O http://deb.debian.org/debian/pool/main/d/debian-archive-keyring_2019.1_all.deb

Rather than using the US server it will pick the one that is best for your location.

Roma Aligam said...

Was struggling to install QGIS3 in buster and ending up in Franken Debian. This post solves my problem! Thanks, Mark.

Unknown said...

For anyone coming to this post in early 2021, I was able to get around the PGP Source issue with this command:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC 648ACFD622F3D138

(Running Raspbian Lite on a Pi B 3+)