[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-11-03 Thread Julian Andres Klode
*** This bug is a duplicate of bug 1633754 ***
https://bugs.launchpad.net/bugs/1633754

Let's merge it with the other one.

** This bug has been marked a duplicate of bug 1633754
   dirmngr is used as daemon

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1634234

Title:
  apt-key leaves files in /dev open after exit

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-10-18 Thread Julian Andres Klode
This bug seems to be a duplicate of bug 1633754



[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-10-17 Thread Scott Moser
curtin is also busted in cases where the user provides a 'keyid', or
even a 'key' (data inline).

It seems we can/should probably make add_apt_key_raw write data to
/etc/apt/trusted.gpg.d ourselves rather than using apt-key.


** Also affects: curtin (Ubuntu)
   Importance: Undecided
   Status: New



[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-10-17 Thread Scott Moser
** Also affects: gnupg2 (Ubuntu)
   Importance: Undecided
   Status: New



[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-10-17 Thread David Kalnischkies
That isn't directly the fault of apt-key. It uses gpg which in its >=
2.0 versions has split its operations into a multitude of daemons for
security reasons. The daemons should be terminating themselves a few
seconds after the directory they operate in disappears. That is at least
the case for gpg-agent, but "a few seconds" is obviously too slow if you
are in a hurry, so apt-key tries to kill it via gpgconf --kill gpg-agent
(which isn't supported in all gpg versions, but at least in the one in
Ubuntu I hope). The manpage tells me that this isn't supported for
dirmngr though, which is the daemon left in your case, so solving that
from the apt-key side isn't exactly easy (short of implementing a sub-
subprocess supervisor in shell script…) so I would feel tempted to
declare that the problem of gpg and invalid for apt-key.

That said, your apt-key command is bad and should be replaced. Getting
keys from a keyserver is hopelessly insecure (it is better with recent
gpg versions) but still: Your use of a short-keyid screams security
problem due to easy collisions and hkp is a cleartext protocol so just
asking for MITM (and at least older gpg versions do no checks at all on
the received key(s)).

I guess the simplest & best solution is to ship the key in your preseed
script and drop it with an appropriate name (ending in .gpg) in
/etc/apt/trusted.gpg.d/  – as a bonus, your system will not need gnupg
installed (at least in terms of apt), gpgv will be enough.

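Added example, not part of the original thread and not apt or curtin code: one way to place an inline key in /etc/apt/trusted.gpg.d without calling apt-key or gpg, as the messages above suggest, while pinning the full fingerprint rather than a short key ID. The function names and the keydir parameter are assumptions for illustration, and only old-format v4 public-key packet headers (0x98/0x99) are handled.

```python
import base64
import hashlib
import os
import tempfile

ARMOR_BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
ARMOR_END = "-----END PGP PUBLIC KEY BLOCK-----"

def dearmor(text):
    """Decode an ASCII-armored public key block to binary OpenPGP packets."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != ARMOR_BEGIN or lines[-1] != ARMOR_END:
        raise ValueError("not an armored public key block")
    body = lines[1:-1]
    if "" in body:  # armor headers (Version:, Comment:) end at a blank line
        body = body[body.index("") + 1:]
    if body and body[-1].startswith("="):
        body.pop()  # optional CRC-24 line, a transport check only
    return base64.b64decode("".join(body), validate=True)

def v4_fingerprint(packets):
    """Full fingerprint of a leading old-format v4 public-key packet."""
    if len(packets) < 4 or packets[0] not in (0x98, 0x99):
        raise ValueError("unsupported or missing public-key packet")
    n = packets[0] - 0x97  # 0x98: 1 length byte, 0x99: 2 length bytes
    length = int.from_bytes(packets[1:1 + n], "big")
    body = packets[1 + n:1 + n + length]
    if len(body) != length or body[:1] != b"\x04":
        raise ValueError("truncated or non-v4 key packet")
    # RFC 4880 12.2: SHA-1 over 0x99, two-byte length, packet body
    digest = hashlib.sha1(b"\x99" + length.to_bytes(2, "big") + body)
    return digest.hexdigest().upper()

def install_key(armored, fingerprint, name, keydir="/etc/apt/trusted.gpg.d"):
    """Write keydir/name.gpg only if the pinned full fingerprint matches."""
    data = dearmor(armored)
    if v4_fingerprint(data) != fingerprint.replace(" ", "").upper():
        raise ValueError("fingerprint mismatch")
    # Write to a temp file in the same directory, then rename, so apt
    # never sees a half-written keyring.
    fd, tmp = tempfile.mkstemp(dir=keydir)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    os.chmod(tmp, 0o644)  # mkstemp creates 0600; apt must be able to read it
    dest = os.path.join(keydir, name + ".gpg")
    os.replace(tmp, dest)
    return dest
```

The fingerprint comparison covers the primary key packet only; apt's own signature verification with gpgv still happens against the installed file.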

[Bug 1634234] Re: apt-key leaves files in /dev open after exit

2016-10-17 Thread Rod Smith
** Attachment added: ""lsof | grep dev" output from after running apt-key"
   https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+attachment/4762666/+files/after.txt

** Tags added: hwcert-server
