Bug#390449: marked as done (please consider including debian-edu-archive-keys handling)
Your message dated Mon, 05 Sep 2016 19:45:16 + with message-id <e1bgzpu-00010w...@franck.debian.org> and subject line Bug#836375: Removed package(s) from unstable has caused the Debian Bug report #390449, regarding please consider including debian-edu-archive-keys handling to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 390449: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390449 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: apt Severity: Wishlist Tags: Patch Hi Now the debian-edu-archive-keyring package entered Debian. Can you please consider including the following patch, which will honour the debian-edu archive key and include it into the local keyring with apt-key update? Cheers Steffen --- apt-0.6.46/cmdline/apt-key 2006-03-03 01:28:27.0 +1100 +++ apt-0.6.47/cmdline/apt-key 2006-10-01 20:17:26.0 +1000 @@ -11,7 +11,8 @@ ARCHIVE_KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg REMOVED_KEYS=/usr/share/keyrings/debian-archive-removed-keys.gpg - +DEBIAN_EDU_ARCHIVE_KEYRING=/usr/share/keyrings/debian-edu-archive-keyring.gpg +DEBIAN_EDU_ARCHIVE_REMOVED_KEYS=/usr/share/keyrings/debian-edu-archive-removed-keys.gpg update() { if [ ! -f $ARCHIVE_KEYRING ]; then @@ -21,14 +22,32 @@ fi # add new keys -$GPG_CMD --quiet --batch --keyring $ARCHIVE_KEYRING --export | $GPG --ignore-time-conflict --import +key_add $ARCHIVE_KEYRING + +# remove no-longer used keys +key_remove $REMOVED_KEYS + +# handle debian-edu keys if available +if [ -f $DEBIAN_EDU_ARCHIVE_KEYRING ] ; then + key_add $DEBIAN_EDU_ARCHIVE_KEYRING +fi +if [ -f $DEBIAN_EDU_ARCHIVE_REMOVED_KEYS ] ; then + key_remove $DEBIAN_EDU_ARCHIVE_REMOVED_KEYS +fi +} + +key_add() { +# add new keys +$GPG_CMD --quiet --batch --keyring $1 --export | $GPG --ignore-time-conflict --import +} +key_remove() { # remove no-longer used keys -keys=`$GPG_CMD --keyring $REMOVED_KEYS --with-colons --list-keys|awk '/^pub/{FS=":";print $5}'` +keys=`$GPG_CMD --keyring $1 --with-colons --list-keys|awk '/^pub/{FS=":";print $5}'` for key in $keys; do - if $GPG --list-keys --with-colons | awk '/^pub/{FS=":";print $5}'|grep -q $key; then - $GPG --quiet --batch --delete-key --yes ${key} - fi +if $GPG --list-keys --with-colons | awk '/^pub/{FS=":";print $5}'|grep -q $key; then +$GPG --quiet --batch --delete-key --yes ${key} +fi done } pgp9BAdBmWqh9.pgp Description: PGP signature --- End Message --- --- Begin Message --- Version: 2014.10.14+rm Dear submitter, as the package debian-edu-archive-keyring has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/836375 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Chris Lamb (the ftpmaster behind the curtain)--- End Message ---
Processed: please consider including debian-edu-archive-keys handling
Processing commands for cont...@bugs.debian.org: reassign 390449 debian-edu-archive-keyring 2010.01.05 Bug #390449 [apt] please consider including debian-edu-archive-keys handling Bug reassigned from package 'apt' to 'debian-edu-archive-keyring'. Bug #390449 [debian-edu-archive-keyring] please consider including debian-edu-archive-keys handling Bug Marked as found in versions debian-edu-archive-keyring/2010.01.05. thanks Stopping processing here. Please contact me if you need assistance. -- 390449: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390449 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.131608132111692.transcr...@bugs.debian.org
please consider including debian-edu-archive-keys handling
reassign 390449 debian-edu-archive-keyring 2010.01.05 thanks Hi debian-edu, soon-to-be 5 years later a response to your wishlist bug against apt - and then it's even a reassigning back to you… d'oh! Life can be hard at times… ;) APT has gained well before squeeze the possibility for keyring packages to drop their keyrings into a fragments directory instead of mangling with apt-file which is not only prune for errors, but could possibly override user-configuration (see #558784). Long story short, attached is a prelimited patch to enable your keyring package to use this fragments directory. Prelimited in the sense that it isn't tested and that you might want to change a bit/everything depending on what you like. If you have further questions on how to implement this feel free to ask me, but make sure to at least cc me in that case, thanks! (No, this hasn't been adopted by anyone with a keyring in debian main yet, even through it works and is used at least by some third-party archives and a small debian-derivative (aptosid) currently with success. Hopefully in the near future i will be able to create a patch for debian-archive-keyring through, so you are not completely alone) Best regards David Kalnischkies diff -ru debian-edu-archive-keyring-2010.01.05-bak//debian/control debian-edu-archive-keyring-2010.01.05/debian/control --- debian-edu-archive-keyring-2010.01.05-bak//debian/control 2011-09-15 11:30:03.106463458 +0200 +++ debian-edu-archive-keyring-2010.01.05/debian/control 2011-09-15 11:42:22.542219237 +0200 @@ -11,7 +11,8 @@ Package: debian-edu-archive-keyring Architecture: all -Depends: gnupg, apt +Depends: apt (= 0.7.25.1), gpgv +Recommends: gnupg Description: GnuPG archive keys of the Debian Edu archive The Debian Edu project digitally signs its Release files. This package contains the archive keys used for that. diff -ru debian-edu-archive-keyring-2010.01.05-bak//debian/postinst debian-edu-archive-keyring-2010.01.05/debian/postinst --- debian-edu-archive-keyring-2010.01.05-bak//debian/postinst 2011-09-15 11:30:03.106463458 +0200 +++ debian-edu-archive-keyring-2010.01.05/debian/postinst 2011-09-15 11:46:37.284034528 +0200 @@ -2,7 +2,13 @@ set -e -if [ -x /usr/bin/apt-key ]; then -# apt-key update only uses /usr/share/keyrings/debian-archive-*.gpg, so we use apt-key add -apt-key add /usr/share/keyrings/debian-edu-archive-keyring.gpg +if [ $1 = 'configure' ]; then + if dpkg --compare-versions '2010.01.05' '=' $2 which gpg /dev/null; then + TRUSTEDFILE='/etc/apt/trusted.gpg' + eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring) + eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f) + if [ -e $TRUSTEDFILE ]; then + apt-key --keyring $TRUSTEDFILE del A26FF456 2/dev/null || : + fi + fi fi diff -ru debian-edu-archive-keyring-2010.01.05-bak//debian/rules debian-edu-archive-keyring-2010.01.05/debian/rules --- debian-edu-archive-keyring-2010.01.05-bak//debian/rules 2011-09-15 11:30:03.106463458 +0200 +++ debian-edu-archive-keyring-2010.01.05/debian/rules 2011-09-15 11:42:59.617755730 +0200 @@ -34,6 +34,8 @@ $(install_dir) debian/tmp/usr/share/keyrings/ $(install_file) keyrings/debian-edu-archive-keyring.gpg debian/tmp/usr/share/keyrings/ $(install_file) keyrings/debian-edu-archive-removed-keys.gpg debian/tmp/usr/share/keyrings/ + $(install_dir) debian/tmp/etc/apt/trusted.gpg.d/ + $(install_file) keyrings/debian-edu-archive-keyring.gpg debian/tmp/etc/apt/trusted.gpg.d/ $(install_dir) debian/tmp/usr/share/doc/debian-edu-archive-keyring/ $(install_file) README debian/tmp/usr/share/doc/debian-edu-archive-keyring/