Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.0.9.4 2013-10-08T17:46:39Z 2013-10-08T17:46:39Z Michael Vogt mvo@debian.org 2013-10-08T17:46:39Z urn:sha1:5361a6180571f5921b6c006129b5f0c274b6154b 2013-08-12T16:01:38Z David Kalnischkies kalnischkies@gmail.com 2013-08-12T15:26:54Z urn:sha1:ec9272975f454d3911e61e5cc3b29fe90fe2ee54 The debian-archive-keyring package ships trusted.gpg.d fragment files for a while now and dropped their call to 'apt-key update', so there is no need for use to call it as the keys will always be available. This also finally allows a user to remove key(ring)s without APT to overriding this decision by readding them with this step. The functionality is kept around in the odd case that an old debian-archive-keyring package is used which still calls 'apt-key update' and depends on the import (hence, we also do not enforce a newer version of the debian-archive-keyring via our dependencies) 2013-08-12T16:01:37Z David Kalnischkies kalnischkies@gmail.com 2013-08-11T22:19:10Z urn:sha1:f9e64e7bb0c125b54f0699d9e08956a88b467a7f for some "interesting" reason gpg decides that it needs to update its trustdb.gpg file in a --list-keys command even if right before gpg is asked to --check-trustdb. That wouldn't be as bad if it wouldn't modify the keyring being listed at that moment as well, which generates not only warnings which are not a problem for us, but as the keyring modified can be in /usr it modified files which aren't allowed to be modified. The suggested solution in the bugreport is running --check-trustdb unconditionally in an 'apt-key update' call, but this command will not be used in the future and this could still potentially bite us in net-update or adv calls. All of this just to keep a file around, which we do not need… The commit therefore switches to the use of a temporary created trusted.gpg file for everyone and asks gpg to not try to update the trustdb after its intial creation, which seems to avoid the problem altogether. It is using your also faked secring btw as calling the check-trustdb without a keyring is a lot slower … Closes: #687611 Thanks: Andreas Beckmann for the initial patch! 2013-07-23T18:09:05Z Michael Vogt mvo@debian.org 2013-07-23T18:09:05Z urn:sha1:d3213963281a4f910b78679dad35bf59ddbd721c * debian/apt.postinst: - run /etc/kernel/postinst.d/apt-auto-removal once on upgrade to ensure that the correct auto-removal list is generated (closes: #717615) 2012-12-13T08:02:04Z Michael Vogt michael.vogt@ubuntu.com 2012-12-13T08:02:04Z urn:sha1:fb3ecf163485c428ebf863e65e60ec884e741ada 2011-07-16T12:21:51Z David Kalnischkies kalnischkies@gmail.com 2011-07-16T12:21:51Z urn:sha1:285feb3cedca3cccff971155099adef8d902223d - use a tmpfile instead of /etc/apt/secring.gpg (Closes: #632596) * debian/apt.postinst: - remove /etc/apt/secring.gpg if it is an empty file 2010-01-08T21:28:49Z Michael Vogt michael.vogt@ubuntu.com 2010-01-08T21:28:49Z urn:sha1:46e39c8e14dc98045107cfb38af8cecb8a4773b0 * spot & fix various typos in all manpages * German manpage translation update * cmdline/apt-cache.cc: - remove translatable marker from the "%4i %s\n" string * buildlib/po4a_manpage.mak: - instruct debiandoc to build files with utf-8 encoding * buildlib/tools.m4: - fix some warning from the buildtools * apt-pkg/acquire-item.cc: - add configuration PDiffs::Limit-options to not download too many or too big patches (Closes: #554349) * debian/control: - let all packages depend on ${misc:Depends} * share/*-archive.gpg: - remove the horrible outdated files. We already depend on the keyring so we don't need to ship our own version * cmdline/apt-key: - errors out if wget is not installed (Closes: #545754) - add --keyring option as we have now possibly many * methods/gpgv.cc: - pass all keyrings (TrustedParts) to gpgv instead of using only one trusted.gpg keyring (Closes: #304846) * methods/https.cc: - finally merge the rest of the patchset from Arnaud Ebalard with the CRL and Issuers options, thanks! (Closes: #485963) 2006-12-07T09:45:44Z Michael Vogt egon@tas 2006-12-07T09:45:44Z urn:sha1:fbf8c5ea5fed408c728b02d99d22551206975e9e 2005-08-01T16:13:28Z Michael Vogt michael.vogt@ubuntu.com 2005-08-01T16:13:28Z urn:sha1:7ef96224b8f697b74089ab8f47688f28e5025b42 2005-08-01T16:12:13Z Michael Vogt michael.vogt@ubuntu.com 2005-08-01T16:12:13Z urn:sha1:4481fc8e8fa5227c08271e4fa95eae78e6531800