Bug#886473: apt-setup lacks a dependency on gnupg

To: Cyril Brulebois <kibi@debian.org>, 886473@bugs.debian.org, Martin <debianbts2018@kefrepy.netizen.se>
Subject: Bug#886473: apt-setup lacks a dependency on gnupg
From: Philipp Kern <pkern@debian.org>
Date: Mon, 21 May 2018 12:43:48 +0200
Message-id: <[🔎] 642be77f-3c4d-674b-dca9-25d7acf7ae45@debian.org>
Reply-to: Philipp Kern <pkern@debian.org>, 886473@bugs.debian.org
In-reply-to: <20180115015306.4fto23lb7rumbxcj@mraw.org>
References: <20180106142241.GE22024@ch.lugn.nu> <20180106142241.GE22024@ch.lugn.nu> <20180115015306.4fto23lb7rumbxcj@mraw.org> <20180106142241.GE22024@ch.lugn.nu>

On 1/15/18 2:53 AM, Cyril Brulebois wrote:
> We should be fixing this bug to stop using apt-key, and start putting
> files under the right location with the right filename:
>   https://bugs.debian.org/851774
> 
> This would render the need for gnupg moot, as we would move away from
> using a deprecated way of adding keys.

So what's the current contract with apt? ASCII-armored files need to go
into .asc and binary files into .gpg? Is the right way to infer ASCII
armor to grep for the preamble? Also right now we discard the file name
of the key fetched, is that something we'd want to preserve?

(I sort of agree that we should drop files into the right place, on the
other hand the fix would be "apt-install gnupg" with the current setup.)

Kind regards
Philipp Kern

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Bug#886473: apt-setup lacks a dependency on gnupg
  - From: Cyril Brulebois <kibi@debian.org>

Prev by Date: Re: debootstrap: [idea] force review before commit to master
Next by Date: Fw: Re: [installation-guide] convert xml-based translation to po format
Previous by thread: Bug#899118: flash-kernel: add missing arm64 boards
Next by thread: Bug#886473: apt-setup lacks a dependency on gnupg
Index(es):
- Date
- Thread