X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/45e8888be58513fb8d2550413fdb37f9624ca6cc..3e2f480d7ad43f565bf2253fc598c2b80a22560f:/cmdline/apt-key

diff --git a/cmdline/apt-key b/cmdline/apt-key
index 51a0bc2d1..5f4e02fdf 100755
--- a/cmdline/apt-key
+++ b/cmdline/apt-key
@@ -1,6 +1,7 @@
 #!/bin/sh
 
 set -e
+unset GREP_OPTIONS
 
 # We don't use a secret keyring, of course, but gpg panics and
 # implodes if there isn't one available
@@ -92,13 +93,17 @@ update() {
     # add any security. we *need* this check on net-update though
     $GPG_CMD --quiet --batch --keyring $ARCHIVE_KEYRING --export | $GPG --import
 
-    # remove no-longer supported/used keys
-    keys=`$GPG_CMD --keyring $REMOVED_KEYS --with-colons --list-keys | grep ^pub | cut -d: -f5`
-    for key in $keys; do
-	if $GPG --list-keys --with-colons | grep ^pub | cut -d: -f5 | grep -q $key; then
-	    $GPG --quiet --batch --delete-key --yes ${key}
-	fi
-    done
+    if [ -r "$REMOVED_KEYS" ]; then
+	# remove no-longer supported/used keys
+	keys=`$GPG_CMD --keyring $REMOVED_KEYS --with-colons --list-keys | grep ^pub | cut -d: -f5`
+	for key in $keys; do
+	    if $GPG --list-keys --with-colons | grep ^pub | cut -d: -f5 | grep -q $key; then
+		$GPG --quiet --batch --delete-key --yes ${key}
+	    fi
+	done
+    else
+	echo "Warning: removed keys keyring  $REMOVED_KEYS missing or not readable" >&2
+    fi
 }