Package: docker.io Version: 18.03.1+dfsg1-3 Severity: grave Filing an official report so it doesn't get forgotten (we had some private correspondence about it). New behavior was detected while testing new version in experimental (17.12.1+dfsg-2) and maintains with current one: running any docker command (even just docker --help) triggers a dialog to enter my GPG key password. I am really not sure why this should be necessary but it is worrisome that it might result in leakage or unauthorized use of GPG keys, happen user has it unlocked in the session (gpg-agent etc).
IMHO doker must not ask for unlocking GPG key at all AFAIK, unless may be some functionality requires signing et. I've not yet tried to figure out what exactly leads to it. Cheers, -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (600, 'unstable'), (300, 'experimental'), (100, 'unstable-debug'), (100, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages docker.io depends on: ii adduser 3.117 ii iptables 1.6.2-1 ii libc6 2.27-2 ii libdevmapper1.02.1 2:1.02.145-4.1 ii libltdl7 2.4.6-2 ii libnspr4 2:4.18-1 ii libnss3 2:3.35-2 ii libseccomp2 2.3.1-2.1 ii libsystemd0 238-3 ii lsb-base 9.20170808 ii runc 1.0.0~rc4+dfsg1-2 ii tini 0.18.0-1 Versions of packages docker.io recommends: ii ca-certificates 20170717 ii cgroupfs-mount 1.4 ii git 1:2.17.0-1 ii xz-utils 5.2.2-1.3 Versions of packages docker.io suggests: ii aufs-tools 1:4.9+20170918-1 ii btrfs-progs 4.15.1-1 ii debootstrap 1.0.93+nmu2 pn docker-doc <none> pn rinse <none> pn zfs-fuse | zfsutils <none> -- debconf-show failed