Hi, by the way apt-key belongs to the package apt:
root@bionic-test:/home/kollstedt# apt-file search apt-key [...] apt: /usr/bin/apt-key [...] It is installed when the error occurs and is exitting with the error mentioned above. But there is indeed another way to add the public key without using "apt-key add". They can simply be copied to /etc/apt/trusted.gpg.d, with the ending *.gpg if it's binary format. With the ending *.asc for ASCII-amored format. Please find a patch attached that use this way to add instead of the old way with apt-key. The two following Debian Bugs for this lead me tho this: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851774 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886473 I also sent this message to the first one I considered to be the main one. For the ones reading the debian bug, this was mainly send to https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1754075 Since this also found it's way to Ubunut 18.4 bionic (unreleased LTS). But there is some (more or less) usefull disscussion but as far as I can see no patch, yet. So I prepared one. Thanks to Marga Manterola and Philipp Kern for the idea. One of the most important errors in stuff discussed there is IMHO the lack of "-- " which is necessary to prevent grep from interpreding the leading --. I also decided not to filter for things that are not relevant. Since comments describing the Publickey or it's origin might be placed above the -----BEGIN PGP PUBLIC KEY BLOCK----- (without hitting gpgv), and we would not be able to prevent all possible syntax evil here, without having gpg to import and export the public key to and from a temporary keyring. I'm also trying to assign a useful name to the key added this way. This patch should IMHO work, but I have no opportunity to test it without your help, since we're in udeb and testing preseed issues. ;-) Kind regards, Lars -- Lars Kollstedt Telefon: +49 6151 16-71027 E-Mail: l...@man-da.de man-da.de GmbH Dolivostraße 11 64293 Darmstadt Sitz der man-da.de GmbH: Darmstadt Amtsgericht Darmstadt, HRB 9484 Geschäftsführer: Andreas Ebert
diff -rupNw apt-setup-0.104ubuntu5.orig/generators/60local apt-setup-0.104ubuntu5.fixed/generators/60local --- apt-setup-0.104ubuntu5.orig/generators/60local 2016-06-08 19:08:12.000000000 +0200 +++ apt-setup-0.104ubuntu5.fixed/generators/60local 2018-04-09 12:25:59.535772146 +0200 @@ -35,8 +35,17 @@ while db_get "apt-setup/local$i/reposito while :; do if fetch-url "$key" "$ROOT/tmp/key$i.pub"; then # add it to the keyring - $chroot $ROOT apt-key add "/tmp/key$i.pub" - rm -f "$ROOT/tmp/key$i.pub" + if [ -n "$comment" ]; then + name=$(echo "" | sed -E 's/[^0-9A-Za-z]+/_/g') + else + name="apt-setup_local$i" + fi + if grep -q -- '-----BEGIN PGP PUBLIC KEY BLOCK-----' $ROOT/tmp/key$i.pub + then + mv "$ROOT/tmp/key$i.pub" "$ROOT/etc/apt/trusted.gpg.d/$name.asc" + else + mv "$ROOT/tmp/key$i.pub" "$ROOT/etc/apt/trusted.gpg.d/$name.gpg" + fi break else db_subst apt-setup/local/key-error MIRROR "${repository%% *}"