Bug#829232: apt: please collapse "apt-key list" and "apt-key finger" (and indicate that they are not machine-readable)
Package: apt
Version: 1.2.14
Severity: normal
Dear Maintainer,
Please make "apt-key list" do the same thing as "apt-key finger". If
the user wants to see a list of keys in use, they should see the
fingerprint of the keys as well.
While you're at it, please update the apt-key(8) manpage to indicate
that the output of these commands is for human consumption and should
not be used as input to machine-readable scripts.
This is because both commands have traditionally produced output from
gpg --list-keys, which GnuPG upstream does not guarantee for
machine-parseability.
If anyone wants machine-parseable listings, then apt-key would need to
produce them with gpg --with-colons or something similar, probably
using a distinct subcommand. Alternately (and preferably, i think,
since i would like apt to not depend on the full gnupg package),
people wanting machine-parseability should ask for something like
"apt-key list-trusted-files", which would produce the equivalent of:
ls -1 /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/*.gpg 2>/dev/null
And then the user could deal with those keys with gpg (or other
OpenPGP tooling) directly.
--dkg
-- System Information:
Debian Release: stretch/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'testing'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages apt depends on:
ii adduser 3.114
ii debian-archive-keyring 2014.3
ii gnupg 2.1.13-3
ii gnupg2 2.1.13-3
ii gpgv 2.1.13-3
ii gpgv2 2.1.13-3
ii init-system-helpers 1.35
ii libapt-pkg5.0 1.2.14
ii libc6 2.22-11
ii libgcc1 1:6.1.1-7
ii libstdc++6 6.1.1-7
apt recommends no packages.
Versions of packages apt suggests:
pn apt-doc <none>
pn aptitude | synaptic | wajig <none>
ii dpkg-dev 1.18.7
ii python-apt 1.1.0~beta2
-- no debconf information
Reply to: