# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available
-GPG_CMD="gpg --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg"
+GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg"
GPG="$GPG_CMD --keyring /etc/apt/trusted.gpg"
-ARCHIVE_KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg
-REMOVED_KEYS=/usr/share/keyrings/debian-archive-removed-keys.gpg
+ARCHIVE_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg
+REMOVED_KEYS=/usr/share/keyrings/ubuntu-archive-removed-keys.gpg
update() {
if [ ! -f $ARCHIVE_KEYRING ]; then
echo >&2 "ERROR: Can't find the archive-keyring"
- echo >&2 "Is the debian-archive-keyring package installed?"
+ echo >&2 "Is the ubuntu-keyring package installed?"
exit 1
fi
# add new keys
- $GPG_CMD --quiet --batch --keyring $ARCHIVE_KEYRING --export | $GPG --ignore-time-conflict --import
+ $GPG_CMD --quiet --batch --keyring $ARCHIVE_KEYRING --export | $GPG --import
# remove no-longer used keys
keys=`$GPG_CMD --keyring $REMOVED_KEYS --with-colons --list-keys | grep ^pub | cut -d: -f5`
echo
echo " apt-key add <file> - add the key contained in <file> ('-' for stdin)"
echo " apt-key del <keyid> - remove the key <keyid>"
+ echo " apt-key export <keyid> - output the key <keyid>"
+ echo " apt-key exportall - output all trusted keys"
echo " apt-key update - update keys using the keyring package"
echo " apt-key list - list keys"
echo
finger*)
$GPG --batch --fingerprint
;;
+ export)
+ $GPG --armor --export "$1"
+ ;;
+ exportall)
+ $GPG --armor --export
+ ;;
adv*)
echo "Executing: $GPG $*"
$GPG $*