[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#774605: marked as done (Add trustdb.gpg indice/keyring caching)

Your message dated Mon, 28 Nov 2016 21:11:32 +0100
with message-id <20161128201132.calros2sjabladod@home.ouaza.com>
and subject line Re: Bug#774605: Add trustdb.gpg indice/keyring caching
has caused the Debian Bug report #774605,
regarding Add trustdb.gpg indice/keyring caching
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
774605: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774605
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: live-build
Version: 4.0.4-1
Tags: patch

In testing something else, I noticed that a file 'trustdb.gpg' exists
inside of the /etc/apt directory. The chroot_archives script has
routines for backing up and restoring files between this directory and
the cache, including gpg files 'secring.gpg*' and 'trusted.gpg*'. The
file 'trustdb.gpg' is not touched there.

I don't know what this file is for exactly (beyond having to do with apt
and keyrings obviously), but I'm just wondering whether in fact this
file should be being backed up with the rest of them. I certainly see no
harm in doing so, and in fact it could be a significant bug if it isn't.

Of note, the bug only has an effect if you set --cache-indices to true,
which I imagine isn't done much if at all, and thus lowers its
importance. (Also note, I'm actually proposing removal of this switch
and the indice caching mechanism behind it - see my caching review in
the mailing list).

Patch attached based on 5.x branch.

commit 2728424d18ed9d9667a1adeb0dff1e572479561b
Author: jnqnfe <jnqnfe@gmail.com>
Date:   Mon Jan 5 03:41:47 2015 +0000

    Add trustdb.gpg indice/keyring caching

diff --git a/scripts/build/chroot_archives b/scripts/build/chroot_archives
index 4c51cd7..572279e 100755
--- a/scripts/build/chroot_archives
+++ b/scripts/build/chroot_archives
@@ -403,6 +403,11 @@ EOF
 				cp -rf cache/indices.bootstrap/trusted.gpg* chroot/etc/apt
 			fi
 
+			if Find_files cache/indices.bootstrap/trustdb.gpg*
+			then
+				cp -rf cache/indices.bootstrap/trustdb.gpg* chroot/etc/apt
+			fi
+
 			if [ -f cache/indices.bootstrap/pkgcache.bin ]
 			then
 				cp -f cache/indices.bootstrap/pkgcache.bin chroot/var/cache/apt
@@ -499,6 +504,11 @@ EOF
 
 				cp -rf chroot/etc/apt/trusted.gpg* cache/indices.bootstrap
 
+				if Find_files chroot/etc/apt/trustdb.gpg*
+				then
+					cp -f chroot/etc/apt/trustdb.gpg* cache/indices.bootstrap
+				fi
+
 				cp -f chroot/var/cache/apt/pkgcache.bin cache/indices.bootstrap
 
 				if Find_files chroot/var/cache/apt/srcpkgcache.bin

--- End Message ---
--- Begin Message --- 
Hello,

On Mon, 05 Jan 2015, jnqnfe wrote:
> I don't know what this file is for exactly (beyond having to do with apt
> and keyrings obviously), but I'm just wondering whether in fact this
> file should be being backed up with the rest of them. I certainly see no
> harm in doing so, and in fact it could be a significant bug if it isn't.

That file serves no significant purpose in the context of live-build
and it might even be gone with newer releases of APT that do not call gpg
directly and/or with the latest changes where we ne longer create any
temporary key when we include unmanaged .deb files.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

--- End Message ---
Reply to: