Bug#558784: status of this bug?

To: Helmut Grohne <helmut@subdivi.de>
Cc: 558784@bugs.debian.org, 558784-submitter@bugs.debian.org, packages@release.debian.org
Subject: Bug#558784: status of this bug?
From: Tollef Fog Heen <tfheen@err.no>
Date: Tue, 06 Mar 2012 14:14:00 +0100
Message-id: <[🔎] 87zkbtc1nr.fsf@qurzaw.varnish-software.com>
Reply-to: Tollef Fog Heen <tfheen@err.no>, 558784@bugs.debian.org
In-reply-to: <[🔎] 20120302153556.GA28591@localhost> (Helmut Grohne's message of "Fri, 2 Mar 2012 16:35:57 +0100")
References: <[🔎] 20120302153556.GA28591@localhost>

]] Helmut Grohne 

> Using regular files might be easier to implement, because shipping those
> files in /etc makes them conffiles. Using symbolic links may be a
> cleaner solution. Using more files provides more (or easier) flexibility
> to the user and therefore seems preferable even though it causes more
> work. In order to support the current apt-key the
> debian-archive-removed-keys.gpg would need to include all present keys
> (and thus clean trusted.gpg). The change would again loose user
> configuration, but this seems unavoidable to me.

Well, it would be reasonable to:

ship all keys in keyring package, as symlinks or files in /etc
for each key in $shipped_keyring:
  if key not present in /etc/apt/trusted.gpg and we're upgrading from $flag_version
    remove /etc/apt/trusted.gpg.d/$key (if it's the right key)

This will preserve user changes just fine, AFAICS?

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Reply to:

References:
- Bug#558784: status of this bug?
  - From: Helmut Grohne <helmut@subdivi.de>

Prev by Date: Bug#657560: #657560: apt: ...i18n_Translation-en Encountered a section with no Package: header
Next by Date: Offerta di prestito
Previous by thread: Bug#558784: status of this bug?
Next by thread: Bug#558784: status of this bug?
Index(es):
- Date
- Thread