Re: apt 0.6 in experimental
On Sat, Dec 27, 2003 at 12:46:42PM -0800, Matt Zimmerman wrote:
> On Sat, Dec 27, 2003 at 11:47:56AM -0500, Joey Hess wrote:
> > apt-key add fails if there is no ~root/.gnupg. I don't habitually use gpg
> > as root, so that was suprising.
>
> Hmm...apt-key uses --no-options and --no-default-keyring to try to suppress
> as much of that garbage as possible, but apparently it isn't enough. I
> happened to have a ~root/.gnupg, so I didn't notice this.
>
> We want to operate on a public keyring, only, and have no secret keyring or
> trustdb. The current command line used is:
>
> GPG="gpg --no-options --no-default-keyring --keyring /etc/apt/trusted.gpg"
>
> --homedir /etc/apt might help a little, but it would complain about the
> permissions, and we really don't want it to mess with any other files in the
> first place. It shouldn't need a ~/.gnupg in order to work, but I tested,
> and you're correct, it complains, even though it wouldn't actually use any
> of the files there.
>
> Any suggestions?
OK, it looks like gpg is happy enough if we supply it with a secret keyring
and a trustdb. Unfortunately, it insists on creating them as well, which
clutters the directory...maybe a move to /etc/apt/gnupg would be in order.
Anyway, I've uploaded 0.6.2 which fixes some cosmetic issues as well as this
problem with apt-key.
--
- mdz
Reply to: