Browse Source

deprecate 'apt-key update' and no-op it in Debian

Debian isn't using 'update' anymore for years and the command is in
direct conflict with our goal of not requiring gnupg anymore, so it
is high time to officially declare this command as deprecated.
tags/debian/1.3_pre1
David Kalnischkies 5 years ago
parent
commit
f4dcab0504
3 changed files with 17 additions and 18 deletions
  1. +7
    -0
      cmdline/apt-key.in
  2. +8
    -16
      doc/apt-key.8.xml
  3. +2
    -2
      vendor/debian/apt-vendor.ent

+ 7
- 0
cmdline/apt-key.in View File

@@ -156,6 +156,13 @@ net_update() {
}

update() {
if [ -z "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
echo >&2 "Warning: 'apt-key update' is deprecated and should not be used anymore!"
if [ -z "$ARCHIVE_KEYRING" ]; then
echo >&2 "Note: In your distribution this command is a no-op and can therefore be removed safely."
exit 0
fi
fi
if [ ! -f "$ARCHIVE_KEYRING" ]; then
echo >&2 "ERROR: Can't find the archive-keyring"
echo >&2 "Is the &keyring-package; package installed?"


+ 8
- 16
doc/apt-key.8.xml View File

@@ -128,17 +128,21 @@
</listitem>
</varlistentry>

<varlistentry><term><option>update</option></term>
<varlistentry><term><option>update</option></term> (deprecated)
<listitem>
<para>

Update the local keyring with the archive keyring and remove from
the local keyring the archive keys which are no longer valid.
The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
distribution, e.g. the &keyring-package; package in &keyring-distro;.

</para>

<para>
Note that a distribution does not need to and in fact should not use
this command any longer and instead ship keyring files in the
<filename>/etc/apt/trusted.gpg</filename> directory directly as this
avoids a dependency on <package>gnupg</package> and it is easier to manage
keys by simply adding and removing files for maintainers and users alike.
</para>
</listitem>
</varlistentry>
@@ -181,18 +185,6 @@

&file-trustedgpg;

<varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
<listitem><para>Local trust database of archive keys.</para></listitem>
</varlistentry>

<varlistentry><term>&keyring-filename;</term>
<listitem><para>Keyring of &keyring-distro; archive trusted keys.</para></listitem>
</varlistentry>

<varlistentry><term>&keyring-removed-filename;</term>
<listitem><para>Keyring of &keyring-distro; archive removed trusted keys.</para></listitem>
</varlistentry>

</variablelist>

</refsect1>


+ 2
- 2
vendor/debian/apt-vendor.ent View File

@@ -1,8 +1,8 @@
<!-- details about the keys used by the distribution -->
<!ENTITY keyring-distro "Debian">
<!ENTITY keyring-package "<package>debian-archive-keyring</package>">
<!ENTITY keyring-filename "<filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename>">
<!ENTITY keyring-removed-filename "<filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename>">
<!ENTITY keyring-filename "">
<!ENTITY keyring-removed-filename "">
<!ENTITY keyring-master-filename "">
<!ENTITY keyring-uri "">



Loading…
Cancel
Save