From 1d39a530e386b2dc692d35120397ef95eaa8c1f7 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Mar 2018 18:26:36 -0400 Subject: Apt.trustsKey: Use apt-key to add key rather than manually driving gpg, which seems to not work anymore. Thanks, Russell Sim. --- debian/changelog | 8 ++++++++ .../comment_1_8ee5b69f068c369e88c31c639d692f60._comment | 14 ++++++++++++++ src/Propellor/Property/Apt.hs | 2 +- 3 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 doc/forum/can__39__t_get_Apt.trustsKey_to_work/comment_1_8ee5b69f068c369e88c31c639d692f60._comment diff --git a/debian/changelog b/debian/changelog index b081d04f..92581607 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +propellor (5.3.4) UNRELEASED; urgency=medium + + * Apt.trustsKey: Use apt-key to add key rather than manually driving gpg, + which seems to not work anymore. + Thanks, Russell Sim. + + -- Joey Hess Thu, 01 Mar 2018 18:25:04 -0400 + propellor (5.3.3) unstable; urgency=medium * Warn again about new upstream version when ~/.propellor was cloned from the diff --git a/doc/forum/can__39__t_get_Apt.trustsKey_to_work/comment_1_8ee5b69f068c369e88c31c639d692f60._comment b/doc/forum/can__39__t_get_Apt.trustsKey_to_work/comment_1_8ee5b69f068c369e88c31c639d692f60._comment new file mode 100644 index 00000000..b1f82b19 --- /dev/null +++ b/doc/forum/can__39__t_get_Apt.trustsKey_to_work/comment_1_8ee5b69f068c369e88c31c639d692f60._comment @@ -0,0 +1,14 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-03-01T22:20:54Z" + content=""" +I added trustsKey in 2014, but my current config is not using +it for anything, so it seems likely it's bitrotted in some way. +And there's no rationalle documented for why it manually drives gpg. + +I've applied your change to use apt-key. + +I wonder if the nukeFile of the "gpg dropping" is actually needed +anymore? +"""]] diff --git a/src/Propellor/Property/Apt.hs b/src/Propellor/Property/Apt.hs index d44b5c38..7275205a 100644 --- a/src/Propellor/Property/Apt.hs +++ b/src/Propellor/Property/Apt.hs @@ -447,7 +447,7 @@ trustsKey k = trustsKey' k untrustKey k trustsKey' :: AptKey -> Property DebianLike trustsKey' k = check (not <$> doesFileExist f) $ property desc $ makeChange $ do withHandle StdinHandle createProcessSuccess - (proc "gpg" ["--no-default-keyring", "--keyring", f, "--import", "-"]) $ \h -> do + (proc "apt-key" ["--keyring", f, "add", "-"]) $ \h -> do hPutStr h (pubkey k) hClose h nukeFile $ f ++ "~" -- gpg dropping -- cgit v1.2.3