summaryrefslogtreecommitdiff
path: root/cmdline/apt-key.in
diff options
context:
space:
mode:
authorMichael Vogt <mvo@debian.org>2014-01-25 22:39:21 +0100
committerMichael Vogt <mvo@debian.org>2014-01-25 22:39:21 +0100
commit72af508bdbca55d0752aab3369faa1dc944a04e7 (patch)
tree933b60b160f1876990bb02bab20fcdb491c8b560 /cmdline/apt-key.in
parentb52e8ce26ee0ee906f8bad4dbd72eca51fb65ed7 (diff)
parente093518c03b49a2def83d8b680be4490fed6e69c (diff)
Merge branch 'debian/sid' into ubuntu/master
Conflicts: configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po
Diffstat (limited to 'cmdline/apt-key.in')
-rw-r--r--cmdline/apt-key.in19
1 files changed, 13 insertions, 6 deletions
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 779872b4c..463e4b4b4 100644
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -25,6 +25,9 @@ GPG_CMD="$GPG_CMD --no-auto-check-trustdb --trust-model always"
GPG="$GPG_CMD"
+APT_DIR="/"
+eval $(apt-config shell APT_DIR Dir)
+
MASTER_KEYRING='&keyring-master-filename;'
eval $(apt-config shell MASTER_KEYRING APT::Key::MasterKeyring)
ARCHIVE_KEYRING='&keyring-filename;'
@@ -33,7 +36,7 @@ REMOVED_KEYS='&keyring-removed-filename;'
eval $(apt-config shell REMOVED_KEYS APT::Key::RemovedKeys)
ARCHIVE_KEYRING_URI='&keyring-uri;'
eval $(apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI)
-TMP_KEYRING=/var/lib/apt/keyrings/maybe-import-keyring.gpg
+TMP_KEYRING=${APT_DIR}/var/lib/apt/keyrings/maybe-import-keyring.gpg
requires_root() {
if [ "$(id -u)" -ne 0 ]; then
@@ -107,7 +110,11 @@ add_keys_with_verify_against_master_keyring() {
# (otherwise it does not make sense from a security POV)
net_update() {
# Disabled for now as code is insecure (LP: #1013639 (and 857472, 1013128))
- exit 1
+ APT_KEY_NET_UPDATE_ENABLED=""
+ eval $(apt-config shell APT_KEY_NET_UPDATE_ENABLED APT::Key::Net-Update-Enabled)
+ if [ -z "$APT_KEY_NET_UPDATE_ENABLED" ]; then
+ exit 1
+ fi
if [ -z "$ARCHIVE_KEYRING_URI" ]; then
echo >&2 "ERROR: Your distribution is not supported in net-update as no uri for the archive-keyring is set"
@@ -120,15 +127,15 @@ net_update() {
echo >&2 "ERROR: an installed wget is required for a network-based update"
exit 1
fi
- if [ ! -d /var/lib/apt/keyrings ]; then
- mkdir -p /var/lib/apt/keyrings
+ if [ ! -d ${APT_DIR}/var/lib/apt/keyrings ]; then
+ mkdir -p ${APT_DIR}/var/lib/apt/keyrings
fi
- keyring=/var/lib/apt/keyrings/$(basename $ARCHIVE_KEYRING)
+ keyring=${APT_DIR}/var/lib/apt/keyrings/$(basename $ARCHIVE_KEYRING_URI)
old_mtime=0
if [ -e $keyring ]; then
old_mtime=$(stat -c %Y $keyring)
fi
- (cd /var/lib/apt/keyrings; wget --timeout=90 -q -N $ARCHIVE_KEYRING_URI)
+ (cd ${APT_DIR}/var/lib/apt/keyrings; wget --timeout=90 -q -N $ARCHIVE_KEYRING_URI)
if [ ! -e $keyring ]; then
return
fi