projects
/
apt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
merged from lp:~donkult/apt/debian-experimental
[apt.git]
/
cmdline
/
apt-key
diff --git
a/cmdline/apt-key
b/cmdline/apt-key
index 843163f82c5fc3367f9a4d023817763888af8312..c184e3e755b44f96ffd40a43abc7102756d6bb4f 100755
(executable)
--- a/
cmdline/apt-key
+++ b/
cmdline/apt-key
@@
-5,10
+5,14
@@
unset GREP_OPTIONS
# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available
# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available
-GPG_CMD='gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg'
+SECRETKEYRING="$(mktemp)"
+trap "rm -f '${SECRETKEYRING}'" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring ${SECRETKEYRING}"
if [ "$(id -u)" -eq 0 ]; then
if [ "$(id -u)" -eq 0 ]; then
- GPG_CMD="$GPG_CMD --trustdb-name /etc/apt/trustdb.gpg"
+ # we could use a tmpfile here too, but creation of this tends to be time-consuming
+ eval $(apt-config shell TRUSTDBDIR Dir::Etc/d)
+ GPG_CMD="$GPG_CMD --trustdb-name ${TRUSTDBDIR}/trustdb.gpg"
fi
GPG="$GPG_CMD"
fi
GPG="$GPG_CMD"
@@
-149,7
+153,7
@@
if [ "$1" = "--keyring" ]; then
#echo "keyfile given"
shift
TRUSTEDFILE="$1"
#echo "keyfile given"
shift
TRUSTEDFILE="$1"
- if [ -r "$TRUSTEDFILE" ]; then
+ if [ -r "$TRUSTEDFILE" ]
|| [ "$2" = 'add' ]
; then
GPG="$GPG --keyring $TRUSTEDFILE --primary-keyring $TRUSTEDFILE"
else
echo >&2 "Error: The specified keyring »$TRUSTEDFILE« is missing or not readable"
GPG="$GPG --keyring $TRUSTEDFILE --primary-keyring $TRUSTEDFILE"
else
echo >&2 "Error: The specified keyring »$TRUSTEDFILE« is missing or not readable"
projects / apt.git / blobdiff