Bug#829232: apt: please collapse "apt-key list" and "apt-key finger" (and indicate that they are not machine-readable)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#829232: apt: please collapse "apt-key list" and "apt-key finger" (and indicate that they are not machine-readable)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 01 Jul 2016 10:26:50 -0400
Message-id: <[🔎] 146738321065.14683.4200022624086296068.reportbug@alice.fifthhorseman.net>
Reply-to: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, 829232@bugs.debian.org

Package: apt
Version: 1.2.14
Severity: normal

Dear Maintainer,

Please make "apt-key list" do the same thing as "apt-key finger".  If
the user wants to see a list of keys in use, they should see the
fingerprint of the keys as well.

While you're at it, please update the apt-key(8) manpage to indicate
that the output of these commands is for human consumption and should
not be used as input to machine-readable scripts.

This is because both commands have traditionally produced output from
gpg --list-keys, which GnuPG upstream does not guarantee for
machine-parseability.

If anyone wants machine-parseable listings, then apt-key would need to
produce them with gpg --with-colons or something similar, probably
using a distinct subcommand.  Alternately (and preferably, i think,
since i would like apt to not depend on the full gnupg package),
people wanting machine-parseability should ask for something like
"apt-key list-trusted-files", which would produce the equivalent of:

 ls -1 /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/*.gpg 2>/dev/null

And then the user could deal with those keys with gpg (or other
OpenPGP tooling) directly.

   --dkg

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt depends on:
ii  adduser                 3.114
ii  debian-archive-keyring  2014.3
ii  gnupg                   2.1.13-3
ii  gnupg2                  2.1.13-3
ii  gpgv                    2.1.13-3
ii  gpgv2                   2.1.13-3
ii  init-system-helpers     1.35
ii  libapt-pkg5.0           1.2.14
ii  libc6                   2.22-11
ii  libgcc1                 1:6.1.1-7
ii  libstdc++6              6.1.1-7

apt recommends no packages.

Versions of packages apt suggests:
pn  apt-doc                      <none>
pn  aptitude | synaptic | wajig  <none>
ii  dpkg-dev                     1.18.7
ii  python-apt                   1.1.0~beta2

-- no debconf information

Reply to:

Follow-Ups:
- Processed: Bug#829232 in apt marked as pending
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#829232: marked as done (apt: please collapse "apt-key list" and "apt-key finger" (and indicate that they are not machine-readable))
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Next by Date: Bug#620064: apt: please drop dependency on gnupg
Next by thread: Processed: Bug#829232 in apt marked as pending
Index(es):
- Date
- Thread