--- Begin Message ---
Package: live-build
Version: 4.0.4-1
Tags: patch
In testing something else, I noticed that a file 'trustdb.gpg' exists
inside of the /etc/apt directory. The chroot_archives script has
routines for backing up and restoring files between this directory and
the cache, including gpg files 'secring.gpg*' and 'trusted.gpg*'. The
file 'trustdb.gpg' is not touched there.
I don't know what this file is for exactly (beyond having to do with apt
and keyrings obviously), but I'm just wondering whether in fact this
file should be being backed up with the rest of them. I certainly see no
harm in doing so, and in fact it could be a significant bug if it isn't.
Of note, the bug only has an effect if you set --cache-indices to true,
which I imagine isn't done much if at all, and thus lowers its
importance. (Also note, I'm actually proposing removal of this switch
and the indice caching mechanism behind it - see my caching review in
the mailing list).
Patch attached based on 5.x branch.
commit 2728424d18ed9d9667a1adeb0dff1e572479561b
Author: jnqnfe <jnqnfe@gmail.com>
Date: Mon Jan 5 03:41:47 2015 +0000
Add trustdb.gpg indice/keyring caching
diff --git a/scripts/build/chroot_archives b/scripts/build/chroot_archives
index 4c51cd7..572279e 100755
--- a/scripts/build/chroot_archives
+++ b/scripts/build/chroot_archives
@@ -403,6 +403,11 @@ EOF
cp -rf cache/indices.bootstrap/trusted.gpg* chroot/etc/apt
fi
+ if Find_files cache/indices.bootstrap/trustdb.gpg*
+ then
+ cp -rf cache/indices.bootstrap/trustdb.gpg* chroot/etc/apt
+ fi
+
if [ -f cache/indices.bootstrap/pkgcache.bin ]
then
cp -f cache/indices.bootstrap/pkgcache.bin chroot/var/cache/apt
@@ -499,6 +504,11 @@ EOF
cp -rf chroot/etc/apt/trusted.gpg* cache/indices.bootstrap
+ if Find_files chroot/etc/apt/trustdb.gpg*
+ then
+ cp -f chroot/etc/apt/trustdb.gpg* cache/indices.bootstrap
+ fi
+
cp -f chroot/var/cache/apt/pkgcache.bin cache/indices.bootstrap
if Find_files chroot/var/cache/apt/srcpkgcache.bin
--- End Message ---
--- Begin Message ---
- To: jnqnfe <jnqnfe@gmail.com>, 774605-done@bugs.debian.org
- Subject: Re: Bug#774605: Add trustdb.gpg indice/keyring caching
- From: Raphael Hertzog <hertzog@debian.org>
- Date: Mon, 28 Nov 2016 21:11:32 +0100
- Message-id: <20161128201132.calros2sjabladod@home.ouaza.com>
- In-reply-to: <54AA0995.5020305@gmail.com>
- References: <54AA0995.5020305@gmail.com>
Hello,
On Mon, 05 Jan 2015, jnqnfe wrote:
> I don't know what this file is for exactly (beyond having to do with apt
> and keyrings obviously), but I'm just wondering whether in fact this
> file should be being backed up with the rest of them. I certainly see no
> harm in doing so, and in fact it could be a significant bug if it isn't.
That file serves no significant purpose in the context of live-build
and it might even be gone with newer releases of APT that do not call gpg
directly and/or with the latest changes where we ne longer create any
temporary key when we include unmanaged .deb files.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
--- End Message ---