It is **necessary** that before you using these scripts you read them and understand what they do.
Why? Because your goal is to create a gitian build (deterministic) that has not been tampered with, thus trust shall be correctly attributed during your process.
For example, in this repository I provide the [Debian Archive keyring](../keyrings/debian-archive-keyring.gpg) that is used for the original debootstrap,
however you **must** verify its authenticity and that it is exactly [as provided officially by Debian](https://packages.debian.org/wheezy/all/debian-archive-keyring/download)
in order to continue using a trusted chain of systems.
echo -n "The Debian Archive keyring in your system ($DEFK) that will be used to debootstrap is different from the reference provided keyring. Continue? (Y/n) "
read -r ANSWER ||exit$?
done
if[["$ANSWER"=="n"]];then
exit1
fi
## use system's keyring, even if different than provided one
## this is a no-issue only in case the system's keyring is more recent than the provided one
KEYRING=$DEFK
fi
else
ANSWER=
while[["$ANSWER" !="Y"&&"$ANSWER" !="n"]];do
echo -n "Your system comes with no Debian Archive keyring in $DEFK that is necessary for debootstrap. Use reference provided keyring? (Y/n) "
read -r ANSWER ||exit$?
done
if[["$ANSWER"=="n"]];then
exit1
fi
fi
echo"Will use $KEYRING"
exit0
## NOTE: a temporary directory under /tmp is not used because can't be mounted dev/exec