Bug#840584: apt-key doesn't report the key id and fingerprint on systems with gnupg 2.1

2016-10-13 Thread David Kalnischkies 
Control: reassign -1 gnupg 2.1.15-3
Control: forcemerge 838153 -1

On Wed, Oct 12, 2016 at 04:50:47PM -0700, Diane Trout wrote:
> I had run apt-key on a couple of machines to remove keys for a private
> repository and I noticed one machine didn't report the key id or
> fingerpint of keys.
[…]
> Both machines are running apt 1.3.1, but the first machine without the
> fingerprint has gnupg 2.1, while the machine with the key id and
> fingerprint has gnupg 1.4.20 installed.
>
> So I'm guessing it has something to do with the change to gnupg modern.
[…]
> Versions of packages apt recommends:
> ii  gnupg   2.1.15-3

It's a bug in gnupg, reassigned & merged as such (which if all works
well also closes this bugreport).

Note that this bug was fixed in version 2.1.15-4, so a call to arms for
trusty and (at least this time) bug-free 'apt' should free you of your
troubles. :)


Best regards

David Kalnischkies


signature.asc
Description: PGP signature

Bug#840584: apt-key doesn't report the key id and fingerprint on systems with gnupg 2.1

2016-10-12 Thread Diane Trout 
Package: apt
Version: 1.3.1
Severity: normal

Dear Maintainer,

I had run apt-key on a couple of machines to remove keys for a private
repository and I noticed one machine didn't report the key id or
fingerpint of keys.

On one machine the result of apt-key list or apt-key fingerprint
includes blocks like:

/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
--
pub   rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
uid   [ unknown] Debian Archive Automatic Signing Key
(8/jessie)


on another machine the result of apt-key list or apt-key fingerprint
includes blocks like:

/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
--
pub   4096R/2B90D010 2014-11-21 [expires: 2022-11-19]
  Key fingerprint = 126C 0D24 BD8A 2942 CC7D  F8AC 7638 D044 2B90
D010
uid  Debian Archive Automatic Signing Key (8/jessie)


Both machines are running apt 1.3.1, but the first machine without the
fingerprint has gnupg 2.1, while the machine with the key id and
fingerprint has gnupg 1.4.20 installed.

So I'm guessing it has something to do with the change to gnupg modern.

The key id certainly makes it easier to remove manually added keys from
/etc/apt/trusted.gpg and including the fingerprint helps verifying
system integrity.

Diane Trout


-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "1";
APT::Install-Suggests "0";
APT::Sandbox "";
APT::Sandbox::User "_apt";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-image-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-headers-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-headers-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-modules-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-modules-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.7\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-tools-4\.6\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-tools-4\.7\.0-1-amd64$";
APT::VersionedKernelPackages "";
APT::VersionedKernelPackages:: "linux-image";
APT::VersionedKernelPackages:: "linux-headers";
APT::VersionedKernelPackages:: "linux-image-extra";
APT::VersionedKernelPackages:: "linux-signed-image";
APT::VersionedKernelPackages:: "kfreebsd-image";
APT::VersionedKernelPackages:: "kfreebsd-headers";
APT::VersionedKernelPackages:: "gnumach-image";
APT::VersionedKernelPackages:: ".*-modules";
APT::VersionedKernelPackages:: ".*-kernel";
APT::VersionedKernelPackages:: "linux-backports-modules-.*";
APT::VersionedKernelPackages:: "linux-tools";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "contrib/metapackages";
APT::Never-MarkAuto-Sections:: "non-free/metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Move-Autobit-Sections "";
APT::Move-Autobit-Sections:: "oldlibs";
APT::Move-Autobit-Sections:: "contrib/oldlibs";
APT::Move-Autobit-Sections:: "non-free/oldlibs";
APT::Move-Autobit-Sections:: "restricted/oldlibs";
APT::Move-Autobit-Sections:: "universe/oldlibs";
APT::Move-Autobit-Sections:: "multiverse/oldlibs";
APT::Update "";
APT::Update::Post-Invoke-Success "";
APT::Update::Post-Invoke-Success:: "/usr/bin/test -e /usr/share/dbus-
1/system-services/org.freedesktop.PackageKit.service && /usr/bin/test
-S /var/run/dbus/system_bus_socket && /usr/bin/gdbus call --system --
dest org.freedesktop.PackageKit --object-path
/org/freedesktop/PackageKit --timeout 4 --method
org.freedesktop.PackageKit.StateHasChanged cache-update > /dev/null;
/bin/echo > /dev/null";
APT::Update::Post-Invoke-Success:: "if /usr/bin/test -w /var/cache/app-
info -a -e /usr/bin/appstreamcli; then appstreamcli