Bug#925350: unblock: ubuntu-keyring/2018.09.18.1-5

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#925350: unblock: ubuntu-keyring/2018.09.18.1-5
From: Hideki Yamane <henrich@debian.org>
Date: Sat, 23 Mar 2019 23:36:50 +0900
Message-id: <[🔎] 155335181021.29109.561919918315974813.reportbug@hp>
Reply-to: Hideki Yamane <henrich@debian.org>, 925350@bugs.debian.org
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

 Please unblock package ubuntu-keyring

 * This update fixes file removal at maintainer script, and also deals with symlink
   removal that the package in testing doesn't create properly as below

>>      # force remove garbage that was created by previous version, oh moron...
>>      rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cloud-archive\,\ ubuntu-cloud-removed-keys.gpg

 * ubuntu-keyring is leaf package, no package will be affected with this
   change if there would be a regression ;)

>> $ apt-rdepends -r ubuntu-keyring
>> ubuntu-keyring
>>  Reverse Depends: ubuntu-archive-keyring (2018.09.18.1-5)

 ubuntu-archive-keyring is just a transitional package.


 Here's a debdiff.

diff -Nru ubuntu-keyring-2018.09.18.1/debian/changelog ubuntu-keyring-2018.09.18.1/debian/changelog
--- ubuntu-keyring-2018.09.18.1/debian/changelog	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/changelog	2019-03-12 01:40:45.000000000 +0900
@@ -1,3 +1,16 @@
+ubuntu-keyring (2018.09.18.1-5) unstable; urgency=medium
+
+  * debian/*.post{inst,rm}
+    - use apt-config(8)'s Dir::Etc::trustedparts and fix keyring removal error.
+      Thanks to Linda Lapinlampi <linda@lindalap.fi> and
+      Hiroyuki YAMAMORI <h-yamamo@db3.so-net.ne.jp> (Closes: #922176, #922177)
+  * debian/ubuntu-dbgsym-keyring.templates
+    - add ubuntu-dbgsym-keyring.gpg (See #922348)
+  * debian/control
+    - add Rules-Requires-Root: no
+
+ -- Hideki Yamane <henrich@debian.org>  Tue, 12 Mar 2019 01:40:45 +0900
+
 ubuntu-keyring (2018.09.18.1-4) unstable; urgency=medium
 
   * debian/control
diff -Nru ubuntu-keyring-2018.09.18.1/debian/control ubuntu-keyring-2018.09.18.1/debian/control
--- ubuntu-keyring-2018.09.18.1/debian/control	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/control	2019-03-12 01:40:45.000000000 +0900
@@ -8,6 +8,7 @@
 Homepage: https://launchpad.net/ubuntu/+source/ubuntu-keyring
 Vcs-Git: https://salsa.debian.org/debian/ubuntu-keyring.git
 Vcs-Browser: https://salsa.debian.org/debian/ubuntu-keyring
+Rules-Requires-Root: no
 
 Package: ubuntu-archive-keyring
 Architecture: all
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postinst ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postinst
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postinst	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postinst	2019-03-12 01:40:45.000000000 +0900
@@ -5,15 +5,26 @@
 case "$1" in
     install|configure)
 
+      # force remove garbage that was created by previous version, oh moron...
+      rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cloud-archive\,\ ubuntu-cloud-removed-keys.gpg
+
+
+      TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+      eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+      # once clean up keyrings
+      rm -f "${TRUSTEDPARTS}ubuntu-keyring-2012-cloud-archive.gpg" \
+            "${TRUSTEDPARTS}ubuntu-keyring-2012-removed-keys.gpg"
+
       . /usr/share/debconf/confmodule
       db_version 2.0
       db_get ubuntu-cloud-keyring/keyring
 
       if [ -n "$RET" ]; then
-        for keyring in "$RET"
+        selected=$(echo "$RET" | sed -e 's/, /\n/g')
+        echo "$selected" | while read keyring
         do
-          rm -f /etc/apt/trusted.gpg.d/"$keyring".gpg
-          ln -sf /usr/share/keyrings/"$keyring".gpg /etc/apt/trusted.gpg.d/
+          ln -sf "/usr/share/keyrings/${keyring}.gpg" "$TRUSTEDPARTS"
         done
       fi
 
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postrm ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postrm
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postrm	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-cloud-keyring.postrm	2019-03-12 01:40:45.000000000 +0900
@@ -5,9 +5,12 @@
 case "$1" in
     purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
 
-        rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cloud-archive.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-cloud-removed-keys.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-cloud-keyring.gpg
+        TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+        eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+        rm -f "${TRUSTEDPARTS}ubuntu-keyring-2012-cloud-archive.gpg" \
+              "${TRUSTEDPARTS}ubuntu-cloud-removed-keys.gpg" \
+              "${TRUSTEDPARTS}ubuntu-cloud-keyring.gpg"
 
     ;;
     *)
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postinst ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postinst
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postinst	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postinst	2019-03-12 01:40:45.000000000 +0900
@@ -5,15 +5,28 @@
 case "$1" in
     install|configure)
 
+      # remove garbage that was created by previous version, oh moron...
+      rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-2016-dbgsym.gpg\,\ *
+      rm -f /etc/apt/trusted.gpg.d/ubuntu-dbgsym-removed-keys.gpg\,\ *
+
+
+      TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+      eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+      # once clean up keyrings
+      rm -f "${TRUSTEDPARTS}ubuntu-keyring-2016-dbgsym.gpg" \
+            "${TRUSTEDPARTS}ubuntu-dbgsym-removed-keys.gpg" \
+            "${TRUSTEDPARTS}ubuntu-dbgsym-keyring.gpg"
+
       . /usr/share/debconf/confmodule
       db_version 2.0
       db_get ubuntu-dbgsym-keyring/keyring
 
       if [ -n "$RET" ]; then
-        for keyring in "$RET"
+        selected=$(echo "$RET" | sed -e 's/, /\n/g')
+        echo "$selected" | while read keyring
         do
-          rm -f /etc/apt/trusted.gpg.d/"$keyring".gpg
-          ln -sf /usr/share/keyrings/"$keyring".gpg /etc/apt/trusted.gpg.d/
+          ln -sf "/usr/share/keyrings/${keyring}.gpg" "$TRUSTEDPARTS"
         done
       fi
 
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postrm ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postrm
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postrm	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.postrm	2019-03-12 01:40:45.000000000 +0900
@@ -5,9 +5,12 @@
 case "$1" in
     purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
 
-        rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-2016-dbgsym.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-dbgsym-removed-keys.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-dbgsym-keyring.gpg
+        TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+        eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+        rm -f "${TRUSTEDPARTS}ubuntu-keyring-2016-dbgsym.gpg" \
+              "${TRUSTEDPARTS}ubuntu-dbgsym-removed-keys.gpg" \
+              "${TRUSTEDPARTS}ubuntu-dbgsym-keyring.gpg"
 
     ;;
     *)
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.templates ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.templates
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.templates	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-dbgsym-keyring.templates	2019-03-12 01:40:45.000000000 +0900
@@ -1,6 +1,6 @@
 Template: ubuntu-dbgsym-keyring/keyring
 Type: multiselect
-Choices: ubuntu-keyring-2016-dbgsym, ubuntu-dbgsym-removed-keys
+Choices: ubuntu-dbgsym-keyring, ubuntu-keyring-2016-dbgsym, ubuntu-dbgsym-removed-keys
 Default:
 _Description: Trusted GPG keyring for package authentication
  If you want to use the Ubuntu dbgsym archive in place of the Debian archive in
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postinst ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postinst
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postinst	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postinst	2019-03-12 01:40:45.000000000 +0900
@@ -12,15 +12,27 @@
               /etc/apt/trusted.gpg.d/ubuntu-archive-removed-keys.gpg
       fi
 
+      # and also remove garbage that was created by previous version.
+      # oh moron...
+      rm -f /etc/apt/trusted.gpg.d/ubuntu-keyring-201[28]-archive\,\ *
+
+      TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+      eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+      # once clean up keyrings
+      rm -f "${TRUSTEDPARTS}ubuntu-keyring-2018-archive.gpg" \
+            "${TRUSTEDPARTS}ubuntu-keyring-2012-archive.gpg" \
+            "${TRUSTEDPARTS}ubuntu-archive-removed-keys.gpg"
+
       . /usr/share/debconf/confmodule
       db_version 2.0
       db_get ubuntu-keyring/keyring
 
       if [ -n "$RET" ]; then
-        for keyring in "$RET"
+        selected=$(echo "$RET" | sed -e 's/, /\n/g')
+        echo "$selected" | while read keyring
         do
-          rm -f /etc/apt/trusted.gpg.d/"$keyring".gpg
-          ln -sf /usr/share/keyrings/"$keyring".gpg /etc/apt/trusted.gpg.d/
+          ln -sf "/usr/share/keyrings/${keyring}.gpg" "$TRUSTEDPARTS"
         done
       fi
 
diff -Nru ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postrm ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postrm
--- ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postrm	2019-02-07 00:26:23.000000000 +0900
+++ ubuntu-keyring-2018.09.18.1/debian/ubuntu-keyring.postrm	2019-03-12 01:40:45.000000000 +0900
@@ -5,14 +5,17 @@
 case "$1" in
     purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
 
-        rm -f /etc/apt/trusted.gpg.d/ubuntu-archive-keyring.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-archive-removed-keys.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-cloudimage-keyring.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-cloudimage-removed-keys.gpg \
-              /etc/apt/trusted.gpg.d/ubuntu-master-keyring.gpg
+      TRUSTEDPARTS="/etc/apt/trusted.gpg.d/"
+      eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::trustedparts/d)"
+
+      rm -f "${TRUSTEDPARTS}ubuntu-archive-keyring.gpg" \
+            "${TRUSTEDPARTS}ubuntu-archive-removed-keys.gpg" \
+            "${TRUSTEDPARTS}ubuntu-keyring-2012-archive.gpg" \
+            "${TRUSTEDPARTS}ubuntu-keyring-2018-archive.gpg" \
+            "${TRUSTEDPARTS}ubuntu-keyring-2012-cdimage.gpg" \
+            "${TRUSTEDPARTS}ubuntu-cloudimage-keyring.gpg" \
+            "${TRUSTEDPARTS}ubuntu-cloudimage-removed-keys.gpg" \
+            "${TRUSTEDPARTS}ubuntu-master-keyring.gpg"
 
     ;;
     *)

unblock ubuntu-keyring/2018.09.18.1-5

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Reply to:
Prev by Date: Bug#925345: unblock: libapache2-mod-auth-mellon/0.14.2-1
Next by Date: Processed: stretch-pu: package dns-root-data/2019031302~deb9u1
Previous by thread: Bug#925345: unblock: libapache2-mod-auth-mellon/0.14.2-1
Next by thread: Bug#925351: stretch-pu: package dns-root-data/2019031302~deb9u1
Index(es):
- Date
- Thread