Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.3 2016-08-26T22:31:03Z 2016-08-26T22:31:03Z Julian Andres Klode jak@debian.org 2016-08-26T22:31:03Z urn:sha1:6a68315e938eb2611806658828ecea86805822e7 2016-08-26T20:17:54Z Julian Andres Klode jak@debian.org 2016-08-23T19:01:06Z urn:sha1:dd7758b9245275a31fde70218db9a531c5859c26 On FreeBSD, readlink -f requires the last component to exist. 2016-08-25T13:22:28Z David Kalnischkies david@kalnischkies.de 2016-08-25T13:22:28Z urn:sha1:29c590951f812d9e9c4f17706e34f2c3315fb1f6 In 105503b4b470c124bc0c271bd8a50e25ecbe9133 we got a warning implemented for unreadable files which greatly improves the behavior of apt update already as everything will work as long as we don't need the keys included in these files. The behavior if they are needed is still strange through as update will fail claiming missing keys and a manual test (which the user will likely perform as root) will be successful. Passing the new warning generated by apt-key through to apt is a bit strange from an interface point of view, but basically duplicating the warning code in multiple places doesn't feel right either. That means we have no translation for the message through as apt-key has no i18n yet. It also means that if the user has a bunch of sources each of them will generate a warning for each unreadable file which could result in quite a few duplicated warnings, but "too many" is better than none. Closes: 834973 2016-08-25T10:42:36Z David Kalnischkies david@kalnischkies.de 2016-08-25T10:42:36Z urn:sha1:105503b4b470c124bc0c271bd8a50e25ecbe9133 apt-key has inconsistent behaviour if it can't read a keyring file: Commands like 'list' skipped silently over such keyrings while 'verify' failed hard resulting in apt to report cconfusing gpg errors (#834973). As a first step we teach apt-key to be more consistent here skipping in all commands over unreadable keyrings, but issuing a warning in the process, which is as usual for apt commands displayed at the end of the run. 2016-08-17T12:12:24Z David Kalnischkies david@kalnischkies.de 2016-08-17T06:10:29Z urn:sha1:e289907f5e7241034cb0d37055dc2cba4e3a19af Fingerprints tend to be displayed in space-separated octet pairs so be nice and allow delete to remove a key based on such a string rather than requiring that the user is deleting all the spaces manually. 2016-08-17T07:52:32Z David Kalnischkies david@kalnischkies.de 2016-08-16T13:46:19Z urn:sha1:19fdf93d7363261227811a62157063081b9f1a5d We need to support partial upgrades anyhow, so we have to deal with the different versions and your tests try to ensure that we do, so we shouldn't make any explicit higher requirements. 2016-07-31T08:29:25Z David Kalnischkies david@kalnischkies.de 2016-07-31T08:29:25Z urn:sha1:215598df84c092f801fe154e510c68fcc263b3ba gpgconf wasn't always equipped with a --kill option as highlighted by our testcases failing on Travis and co as these use a much older version of gpg2. As this is just for cleaning up slightly faster we ignore any error a call might produce and carry on. Use a recent enough gpg2 version if you need the immediate killing… Gbp-Dch: Ignore Reported-By: Travis CI 2016-07-31T07:56:26Z David Kalnischkies david@kalnischkies.de 2016-07-31T07:27:19Z urn:sha1:4039798d971752325d097bfbdc9011b5e9efd29c apt-key has (usually) no secret key material so it doesn't really need the agent at all, but newer gpgs insist on starting it anyhow. The agents die off rather quickly after the underlying home-directory is cleaned up, but that is still not fast enough for tools like sbuild which want to unmount but can't as the agent is still hanging onto a non-existent homedir. Reported-By: Johannes 'josch' Schauer on IRC 2016-07-01T22:03:20Z David Kalnischkies david@kalnischkies.de 2016-07-01T21:44:37Z urn:sha1:f4dcab0504a68595d9e95c953ce66f46f9ad30aa Debian isn't using 'update' anymore for years and the command is in direct conflict with our goal of not requiring gnupg anymore, so it is high time to officially declare this command as deprecated. 2016-07-01T20:00:52Z David Kalnischkies david@kalnischkies.de 2016-07-01T20:00:52Z urn:sha1:08fcf9628806af202e555bd02b3611e4e9a3d757 apt-key needs gnupg for most of its operations, but depending on it isn't very efficient as apt-key is hardly used by users – and scripts shouldn't use it to begin with as it is just a silly wrapper. To draw more attention on the fact that e.g. 'apt-key add' should not be used in favor of "just" dropping a keyring file into the trusted.gpg.d directory this commit implements the display of warnings.