Re: Bug#687611: debian-archive-keyring: /usr/share/keyrings/debian-archive-removed-keys.gpg gets modified during squeeze->wheezy upgrade
On Fri, Sep 14, 2012 at 5:36 PM, Philipp Kern <pkern@debian.org> wrote:
> Is it fine after a fresh squeeze installation? The only script that
> touches that keyring (and I see the same as you on squeeze→wheezy) is
> apt-key. And only if being called as «apt-key update». But I don't see
> how the read-only access would modify the keyring and a subsequent «apt-key
> update» call with wheezy's apt does not touch it. Maybe gpg does strange
> things. Copying deity@.
apt-key shouldn't modify this keyring; it is only ever "touched" to --list-keys
in it, so it must be gpg doing things here. See #662948 which should probably
be merged with this one.
This report mentions as a result of 'apt-key update':
…
gpg: WARNING: digest algorithm MD5 is deprecated
gpg: please see http://www.gnupg.org/faq/weak-digest-algos.html for
more information
gpg: no ultimately trusted keys found
…
Maybe it is gpg auto-updating the digest even in --list-* commands;
or something completely different. I gave up after being unable to reproduce it.
(Not that I would have a solution, now that I know how to reproduce it …)
Best regards
David Kalnischkies
Reply to: