- if ! test -f /etc/apt/trusted.gpg; then
- cp /usr/share/apt/ubuntu-archive.gpg /etc/apt/trusted.gpg
+ if dpkg --compare-versions "$2" lt-nl 0.9.9.5; then
+ # we are using tmpfiles for both
+ rm -f /etc/apt/trustdb.gpg
+ # this removal was done unconditional since 0.8.15.3
+ SECRING='/etc/apt/secring.gpg'
+ # test if secring is an empty normal file
+ if test -f $SECRING -a ! -s $SECRING; then
+ rm -f $SECRING
+ fi
+ fi
+
+ # add unprivileged user for the apt methods
+ adduser --force-badname --system -home /var/empty \
+ --no-create-home --quiet _apt || true
+ chown -R _apt:root \
+ /var/lib/apt/lists \
+ /var/cache/apt/archives
+
+ # ensure tighter permissons on the logs, see LP: #975199
+ if dpkg --compare-versions "$2" lt-nl 0.9.7.7; then
+ # ensure permissions are right
+ chmod -f 0640 /var/log/apt/term.log* || true
+ fi
+
+ # create kernel autoremoval blacklist on update
+ if dpkg --compare-versions "$2" lt 0.9.9.3; then
+ /etc/kernel/postinst.d/apt-auto-removal