# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available
-GPG_CMD='gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg'
+SECRETKEYRING="$(mktemp)"
+trap "rm -f '${SECRETKEYRING}'" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring '${SECRETKEYRING}'"
if [ "$(id -u)" -eq 0 ]; then
+ # we could use a tmpfile here too, but creation of this tends to be time-consuming
GPG_CMD="$GPG_CMD --trustdb-name /etc/apt/trustdb.gpg"
fi
case "$1" in
configure)
+ SECRING='/etc/apt/secring.gpg'
+ # test if secring is an empty normal file
+ if test -f $SECRING -a ! -s $SECRING; then
+ rm -f $SECRING
+ fi
apt-key update
;;
- use CndSet in pkgInitConfig (Closes: #629617)
* apt-pkg/depcache.cc:
- change default of APT::AutoRemove::SuggestsImportant to true
+ * cmdline/apt-key:
+ - use a tmpfile instead of /etc/apt/secring.gpg (Closes: #632596)
+ * debian/apt.postinst:
+ - remove /etc/apt/secring.gpg if it is an empty file
- -- David Kalnischkies <kalnischkies@gmail.com> Fri, 15 Jul 2011 09:29:37 +0200
+ -- David Kalnischkies <kalnischkies@gmail.com> Sat, 16 Jul 2011 14:19:51 +0200
apt (0.8.15.2) unstable; urgency=high
projects / apt.git / commitdiff
