[Bug 1634234] Re: apt-key leaves files in /dev open after exit
*** This bug is a duplicate of bug 1633754 *** https://bugs.launchpad.net/bugs/1633754 Let's merge it with the other one. ** This bug has been marked a duplicate of bug 1633754 dirmngr is used as daemon -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634234] Re: apt-key leaves files in /dev open after exit
This bug seems to be a duplicate of bug 1633754 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634234] Re: apt-key leaves files in /dev open after exit
curtin is also busted in cases where the user provides a 'keyid', or even a 'key' (data inline). It seems we can/should probably make add_apt_key_raw write data to /etc/apt/trusted.gpg.d ourselves rather than using apt-key. ** Also affects: curtin (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634234] Re: apt-key leaves files in /dev open after exit
** Also affects: gnupg2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634234] Re: apt-key leaves files in /dev open after exit
That isn't directly the fault of apt-key. It uses gpg which in its >= 2.0 versions has split its operations into a multitude of daemons for security reasons. The daemons should be terminating themselves a few seconds after the directory they operate in disappears. That is at least the case for gpg-agent, but "a few seconds" is obviously too slow if you are in a hurry, so apt-key tries to kill it via gpgconf --kill gpg-agent (which isn't supported in all gpg version, but at least in the one in ubuntu I hope). The manpage tells me that this isn't supported for dirmngr through, which is the daemon left in your case, so solving that from the apt-key side isn't exactly easy (short of implementing a sub- subprocess supervisor in shell script…) so I would feel tempted to declare that the problem of gpg and invalid for apt-key. That said, your apt-key command is bad and should be replaced. Getting keys from a keyserver is hopelessly insecure (it is better with recent gpg versions) but still: Your use of a short-keyid screams security problem due to easy collisions and hkp is a cleartext protocol so just asking for MITM (and at least older gpg versions do no checks at all on the received key(s)). I guess the simplest & best solution is to ship the key in your preseed script and drop it with an appropriate name (ending in .gpg) in /etc/apt/trusted.gpg.d/ – as a bonus, your system will not need gnupg installed (at least in terms of apt), gpgv will be enough. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634234] Re: apt-key leaves files in /dev open after exit
** Attachment added: ""lsof | grep dev" output from after running apt-key" https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+attachment/4762666/+files/after.txt ** Tags added: hwcert-server -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634234 Title: apt-key leaves files in /dev open after exit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs