Your message dated Sat, 16 Dec 2017 20:50:22 +0000 with message-id <[email protected]> and subject line Bug#861695: fixed in debian-archive-keyring 2017.7+exp has caused the Debian Bug report #861695, regarding debian-archive-keyring: Please ship release-specific keys separately outside of /etc/apt/trusted.gpg.d/ to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 861695: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861695 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: debian-archive-keyring Version: 2014.3 Severity: normal Hi there! With the upcoming release of stretch, we now have the ability to run a functional debian system with nothing in /etc/apt/trusted.gpg.d or /etc/apt/trusted.gpg at all, thanks to the "signed-by" option documented in sources.list(5). I'd prefer to document the signing key for each repository explicitly in my sources.list file, rather than have globally-authorized signing keys in /etc/apt/trusted.gpg*. This lets me more narrowly tailor which keys are authorized to provide which archives. For example: deb [signed-by=/usr/share/keyrings/debian-archive-stretch-stable.gpg] http://ftp.debian.org/debian stretch main non-free contrib However, debian-archive-keyring ships the keys broken out into separate locations only in /etc/apt/trusted.gpg.d/*.gpg, and in /usr/share/keyrings it only includes the bulk collection. It would be great if debian-archive-keyring made it possible to avoid placing anything in /etc/apt/trusted.gpg.d while maintaining the disaggregated files in /usr/share/keyrings/ --dkg -- System Information: Debian Release: 9.0 Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages debian-archive-keyring depends on: ii gpgv 2.1.18-7 Versions of packages debian-archive-keyring recommends: ii gnupg 2.1.18-7 debian-archive-keyring suggests no packages. -- Configuration Files: /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg' /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg' /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg' /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg' /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg' /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg' /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg [Errno 2] No such file or directory: '/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg' -- no debconf information
--- End Message ---
--- Begin Message ---Source: debian-archive-keyring Source-Version: 2017.7+exp We believe that the bug you reported is fixed in the latest version of debian-archive-keyring, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Niels Thykier <[email protected]> (supplier of updated debian-archive-keyring package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 16 Dec 2017 20:25:55 +0000 Source: debian-archive-keyring Binary: debian-archive-keyring debian-archive-keyring-udeb Architecture: source Version: 2017.7+exp Distribution: experimental Urgency: medium Maintainer: Debian Release Team <[email protected]> Changed-By: Niels Thykier <[email protected]> Description: debian-archive-keyring - GnuPG archive keys of the Debian archive debian-archive-keyring-udeb - GnuPG keys of the Debian archive (udeb) Closes: 861695 Changes: debian-archive-keyring (2017.7+exp) experimental; urgency=medium . * Team upload. * Install separate keyrings for each release in /usr/share/keyrings (both in the regular deb and the udeb). This is to enable initial testing of narrowing the set of trusted keys per machine. Thanks to Daniel Kahn Gillmor for the suggestion. (Closes: #861695) Checksums-Sha1: 590d8e6a28c64c996e299b85c31d178070f9e640 1797 debian-archive-keyring_2017.7+exp.dsc 4147758347a4f757bb794025b5441cb96e483d28 79904 debian-archive-keyring_2017.7+exp.tar.xz 74c8bdd58f511fb6d85e90c81f239a25c4b408e6 6035 debian-archive-keyring_2017.7+exp_source.buildinfo Checksums-Sha256: 3d908b0d77cecc1c5c7e8c6f4978ce0f50907f31579476e38506e459c2568f98 1797 debian-archive-keyring_2017.7+exp.dsc 0fd4599762844e9e5193246050b47c8dfdd0cacba370fc0964014b63c6c8dca7 79904 debian-archive-keyring_2017.7+exp.tar.xz 284cb9eb88229000c1d0204d71119888ea9243f79e68c7b346bad76572ebc7b4 6035 debian-archive-keyring_2017.7+exp_source.buildinfo Files: 5b22b6de04e93576f4986dc0bb3d4558 1797 misc important debian-archive-keyring_2017.7+exp.dsc 7ee4d25577990f20ce58e592a1c671ee 79904 misc important debian-archive-keyring_2017.7+exp.tar.xz 6864efe4deed906d15c60cf85de73239 6035 misc important debian-archive-keyring_2017.7+exp_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsxMaRR2/33ygW0GXBUu7n32AZEIFAlo1gYYACgkQBUu7n32A ZEJ68g//WNybxJ8jJ6XJo8Fi53U1MV2XvbF3oUEt8FB9cnrCrw00lVF+eQwf6FKY hS5zaSZgNFXhZjeAzk59owarJr2DTcwLLohvXZimMO2oM5oosEbeU3/qWqxOntVk ueEqoem76ZRoNz3VhIdDZM/WqbSxtErYwvKdsK/SaliKLR/ef2hWknxjLOndcutj GTQu7v5Cj71RQWqSGuZOscLJ5zZ+nYR++dxPfcTLo/nx0VfsmxPZPcp/J7Wcq44T dxch7/IRBhOhSlXlFbnVqnwUDEOZCquPSYEX+DfN9onPQp2Lsy62ge9tfpv9t1qZ D4lXgzXox/5jUdIq/GD7Nlbww5WDdH5dGxMbaoZZdLbLNz8D4zC6cG5saOHM7Ys1 jpVsJedN1+98QzhpGOOPDJ4D6TAMYJu/ZGTfhJ1UEEvLrvBKmaUXhsK/slX+bSFJ hIkLH2qFY0w9mYicwJzcYmGG90rhWLlGgtwDVlkbx1VJ7/prlGZoaoIT2L9Z/WcI IFuVkFjLRlP+XuD03HZ0xRQcw4bI3dGpLWoZpi1XjkDfpNxLtIZivk9IoRbwTjvR 6AV3apnjsKWNKJnd0Na2vXV4uPzeKs1jeUuzlVgNOu8ivTv6u/qCtOkyjbV73S2b YVTekUTh/zk4U6hbcN5mUjgpyePB6s2BvQqmPQg9nj5jlUap2zk= =c4Hv -----END PGP SIGNATURE-----
--- End Message ---
