only create new trusted.gpg if directory is writeable

author David Kalnischkies <david@kalnischkies.de>

Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)

committer David Kalnischkies <david@kalnischkies.de>

Fri, 26 Sep 2014 22:12:14 +0000 (00:12 +0200)
author David Kalnischkies <david@kalnischkies.de>
Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)
committer David Kalnischkies <david@kalnischkies.de>
Fri, 26 Sep 2014 22:12:14 +0000 (00:12 +0200)
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in

index e592925d657e5914d0c568cff612c6214accad9a..66e26ef0c65806e80bbc1605cf78befd155884a3 100644 (file)
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -48,16 +48,6 @@ requires_root() {
         fi
  }
  
         fi
  }
  
-# gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead.
-init_keyring() {
-    for path; do
-        if ! [ -e "$path" ]; then
-            touch -- "$path"
-            chmod 0644 -- "$path"
-        fi
-    done
-}
-
  add_keys_with_verify_against_master_keyring() {
      ADD_KEYRING=$1
      MASTER=$2
  add_keys_with_verify_against_master_keyring() {
      ADD_KEYRING=$1
      MASTER=$2
@@ -311,49 +301,50 @@ if [ -z "$command" ]; then
  fi
  shift
  
  fi
  shift
  
-if [ "$command" != "help" ] && ! which gpg >/dev/null 2>&1; then
-    echo >&2 "Warning: gnupg does not seem to be installed."
-    echo >&2 "Warning: apt-key requires gnupg for most operations."
-    echo >&2
+if [ "$command" != "help" ]; then
+    if ! which gpg >/dev/null 2>&1; then
+       echo >&2 "Warning: gnupg does not seem to be installed."
+       echo >&2 "Warning: apt-key requires gnupg for most operations."
+       echo >&2
+    fi
+
+    # gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead.
+    if ! [ -e "$TRUSTEDFILE" ]; then
+       if [ -w "$(dirname "$TRUSTEDFILE")" ]; then
+          touch -- "$TRUSTEDFILE"
+          chmod 0644 -- "$TRUSTEDFILE"
+       fi
+    fi
  fi
  
  case "$command" in
      add)
          requires_root
  fi
  
  case "$command" in
      add)
          requires_root
-        init_keyring "$TRUSTEDFILE"
          $GPG --quiet --batch --import "$1"
          aptkey_echo "OK"
          ;;
      del|rm|remove)
          $GPG --quiet --batch --import "$1"
          aptkey_echo "OK"
          ;;
      del|rm|remove)
-        init_keyring "$TRUSTEDFILE"
         remove_key "$1"
          ;;
      update)
         remove_key "$1"
          ;;
      update)
-        init_keyring "$TRUSTEDFILE"
         update
         ;;
      net-update)
         update
         ;;
      net-update)
-        init_keyring "$TRUSTEDFILE"
         net_update
         ;;
      list)
         net_update
         ;;
      list)
-        init_keyring "$TRUSTEDFILE"
          $GPG --batch --list-keys
          ;;
      finger*)
          $GPG --batch --list-keys
          ;;
      finger*)
-        init_keyring "$TRUSTEDFILE"
          $GPG --batch --fingerprint
          ;;
      export)
          $GPG --batch --fingerprint
          ;;
      export)
-        init_keyring "$TRUSTEDFILE"
          $GPG --armor --export "$1"
          ;;
      exportall)
          $GPG --armor --export "$1"
          ;;
      exportall)
-        init_keyring "$TRUSTEDFILE"
          $GPG --armor --export
          ;;
      adv*)
          $GPG --armor --export
          ;;
      adv*)
-        init_keyring "$TRUSTEDFILE"
          aptkey_echo "Executing: $GPG $*"
          $GPG $*
          ;;
          aptkey_echo "Executing: $GPG $*"
          $GPG $*
          ;;
author	David Kalnischkies <david@kalnischkies.de>
	Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)
committer	David Kalnischkies <david@kalnischkies.de>
	Fri, 26 Sep 2014 22:12:14 +0000 (00:12 +0200)