Bug#595428: Acknowledgement (apt again lost support for Apt::GPGV::TrustedKeyring)
mhh, missed that mail on first look…
2010/9/3 Joey Hess <joeyh@debian.org>:
> So, I guess what's really going on is that Apt::GPGV::TrustedKeyring
> was "deprecated", at least at the level of having a comment in the source
> to that effect, although there were no deprecation warnings I know of. And
The thing is, the comment says it should be removed at the place the
setting should be interpreted (and does it now after the patch) but in 0.8
the interpretation is even before the loading of the config files…
complete bogus. So while i think we should get right of
Apt::GPGV::TrustedKeyring as it doesn't fit into the rest of configuration
(setting Dir and Dir::Etc differently doesn't effect it at all, but should),
it should be still supported in wheezy…
> it was removed in 0.8.0. I guess we're supposed to use Dir::Etc::trusted
> now, although oddly I have to set that to a keyring file, not a directory.
I don't understand what you mean, TrustedKeyring wanted also a file…?
> And it's similarly undocumented.
The apt-key manpage mentions the keyring files and the options to
set them to a non-default file. Well hidden, but existing. ;)
In the future it should be maybe added to apt-secure as well…
>
> BTW I noticed that apt still contains this:
>
> ./cmdline/apt-key: eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
As said, libapt and apt-key disagree on which options they interpret…
I will try to fix this now, with the hope that in wheezy apt-key will be
obsolete (i can't mention that to often :) ).
Best regards
David Kalnischkies
Reply to: