Debian Bookworm support?

What’s the level of support for running Debian Bookworm / 12 on the Cubox-i4Pro (or any of the i.MX6 products)? Index of /debian/ still only goes up to Buster. I’m currently using upstream Debian & can update versions by changing the release stream in apt’s config files, but would that still if hardware support is missing?

1 Like

I’ve since stumbled upon the Debian 12 image from documentation on SolidRun’s GitHub: Documentation/imx6/debian-12_sr1.md at bsp · SolidRun/Documentation · GitHub

There’s still a problem, though: the image’s apt sources for SolidRun’s Debian 12 packages have invalid signatures and are unsigned.

The sources are:

deb http://repo.solid-run.com/v2/debian/imx6/v3 bookworm main non-free
deb-src http://repo.solid-run.com/v2/debian/imx6/v3 bookworm main non-free

Running apt update with these sources applied (either on an existing system, or on a fresh one created from the image) fails with:

W: GPG error: https://solidrun-repo-debian-imx6.sos-de-fra-1.exo.io/v3 bookworm Release: The following signatures were invalid: EXPKEYSIG CDEEC3F3E207C2D3 SolidRun BSP Debian Signing Key #1 <support@solid-run.com>
E: The repository 'http://repo.solid-run.com/v2/debian/imx6/v3 bookworm Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Indeed, browsing the file listing at SolidRun Repositories for i.MX6 Debian shows no Release.key available.

Also, the files at /etc/apt/trusted.gpg.d/sr_1.gpg and /usr/share/keyrings/solidrun-keyring.gpg in the Debian 12 image are identical to what was on my Debian 11 system, so perhaps they’re out of date.

Luckily, upgrading to upstream Debian 12 seems to have worked just fine for me (and I’ve been using upstream Debian since 10). Still, it would be nice to keep SolidRun’s packages up to date.

Are there any plans for this to be addressed, or is i.MX6 support dropped?

1 Like

Listing out my repo keys, I can see that the sr_1.gpg key expired on 28/02/2024. Everything was working fine up to this point but now I can’t keep my 3 cuboxes patched properly.

/etc/apt/trusted.gpg.d/sr_1.gpg
-------------------------------
pub   rsa3072 2022-02-28 [SC] [expired: 2024-02-28]
      A693 71D5 5606 6B46 3B78  E35D CDEE C3F3 E207 C2D3
uid           [ expired] SolidRun BSP Debian Signing Key #1 <support@solid-run.com>

It would be good to get this repo properly signed as, for me Debian 12 (Bookworm) works well. And it is the current stable.

This happened a while ago with Buster too!

Response from SR Support:

Unfortunately there is not much good to be done.
We are not providing regular updates to the solidrun repo,
only when generating new full image.

In this case while the warning is scary it has no impact on you, you are not missing out on anything.
Our general hope is that eventually the unpatched official debian can work again.
See below what we actually customised:

And see here the critical piece why we had to patch the kernel package: