Deciphering Rejection mails
Rejected: GPG signature check failed on `foobar_0.1-5.dsc'.
gpg: no valid OpenPGP data found.
gpg: processing message failed: eof
- This is GnuPG's way of reporting that the
file isn't signed (a requirement for both .changes and .dsc
- Sign the file and reupload.
- If it's an unsigned .dsc file (as is the case
in the example above) you will probably need to update and
resign the .changes file too; the devscripts package has tools
to automate this (debsign(1)).
Rejected: GPG signature check failed on `foobar_0.7.0-1.dsc'.
gpg: Signature made Sat Feb 3 10:35:13 2001 EST using DSA key ID 03FEB4F3
gpg: Can't check signature: public key not found
- The file in question was not signed with a key currently in
the Debian GnuPG or PGP keyring (a requirement for both .changes
and .dsc files).
- Either resign the .dsc and/or .changes with a key in the
keyring, or get the key in the keyring.
- The canonical location of the Debian keyrings is keyring.debian.org which
can be accessed via anonymous rsync. If your key is not in the
keyring, you need to mail email@example.com;
new keys can NOT be added via the keyserver on keyring.debian.org. If
you are switching to GnuPG from PGP and your new GnuPG key is
not yet in the keyring, consider using your PGP key until the
GnuPG key is added.
Rejected: foobar_0.8.1-5_i386.deb: Old version `0.8.1-6' >= new version `0.8.1-5'.
- Every new upload to the archive must have a greater version
number than existing versions in the target suite (stable,
- Increase the version number (with an epoch if necessary).
- You must increase the version number; requests to override the version check will be refused. The reasoning behind this is simple: if the version number does not increase, tools like dpkg, apt and dselect will not see the package as new and will not update it. Epoch-hating has become unfortunately trendly over the last 5 years or so, but with very little technical justification. If there's no better way to increase the version number: Just epoch it.
Rejected: Unknown distribution `woody'.
- You specified an invalid target suite (aka 'distribution').
- Specify a valid distribution/suite and reupload.
- Valid target suites are: 'stable', 'unstable' and 'experimental'. You can't upload to 'testing' as it's controlled by it's own scripts and does not accept direct uploads. If your package is not updating in testing, check the testing pages to see why. You can't upload to 'proposed-updates' directly, instead, upload to 'stable' and your package will be redirected to 'proposed-updates' automatically. Suite/distribution aliases (e.g. 'woody', 'potato') are not supported due to potential problems with their meaning changing between the time the source upload is done and the package is recompiled for some architecture.
Rejected: file 'bind9_9.1.0-2_i386.deb' has unknown component 'non-US/main'.
- You specified an invalid component.
- Specify a valid component and reupload.
- The component is specified as a prefix to the section information in 'debian/control'. Valid components for uploads to ftp-master.debian.org are: 'main', 'contrib' and 'non-free'.
Rejected: freeradius-client_1.1.6-3.dsc refers to non-existing file: freeradius-client_1.1.6.orig.tar.gz.
Perhaps you need to include it in your upload?
- You tried to upload a package, but its .orig.tar.* archive is not known in dak.
- Rebuild your packge passing '-sa' to dpkg-buildpackage and reupload.
- This usually happens when you upload a package which will end in NEW with a Debian revision different than -1. Make sure your .changes file has a line listing the .orig.tar.* archive.
[Much more to come, obviously...]
Archive maintainance team
Last modified: Mon Sep 2 17:23:08 CEST 2013