only create new trusted.gpg if directory is writeable

author: David Kalnischkies <david@kalnischkies.de> 2014-01-24 17:14:52 +0100
committer: David Kalnischkies <david@kalnischkies.de> 2014-09-27 00:12:14 +0200
commit: 9fda3be1ae000e81e15dc8840271946e140765c9 (patch)
tree: c9468c261ea1dac9a85735b8ecfd55d49338e5b7 /cmdline
parent: 84b286f65c55e21b4734a17474f1cba464cbbd9c (diff)
1 files changed, 14 insertions, 23 deletions
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index e592925d6..66e26ef0c 100644
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -48,16 +48,6 @@ requires_root() {
 	fi
 }
 
-# gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead.
-init_keyring() {
-    for path; do
-        if ! [ -e "$path" ]; then
-            touch -- "$path"
-            chmod 0644 -- "$path"
-        fi
-    done
-}
-
 add_keys_with_verify_against_master_keyring() {
     ADD_KEYRING=$1
     MASTER=$2
@@ -311,49 +301,50 @@ if [ -z "$command" ]; then
 fi
 shift
 
-if [ "$command" != "help" ] && ! which gpg >/dev/null 2>&1; then
-    echo >&2 "Warning: gnupg does not seem to be installed."
-    echo >&2 "Warning: apt-key requires gnupg for most operations."
-    echo >&2
+if [ "$command" != "help" ]; then
+    if ! which gpg >/dev/null 2>&1; then
+	echo >&2 "Warning: gnupg does not seem to be installed."
+	echo >&2 "Warning: apt-key requires gnupg for most operations."
+	echo >&2
+    fi
+
+    # gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead.
+    if ! [ -e "$TRUSTEDFILE" ]; then
+	if [ -w "$(dirname "$TRUSTEDFILE")" ]; then
+	   touch -- "$TRUSTEDFILE"
+	   chmod 0644 -- "$TRUSTEDFILE"
+	fi
+    fi
 fi
 
 case "$command" in
     add)
         requires_root
-        init_keyring "$TRUSTEDFILE"
         $GPG --quiet --batch --import "$1"
         aptkey_echo "OK"
         ;;
     del|rm|remove)
-        init_keyring "$TRUSTEDFILE"
 	remove_key "$1"
         ;;
     update)
-        init_keyring "$TRUSTEDFILE"
 	update
 	;;
     net-update)
-        init_keyring "$TRUSTEDFILE"
 	net_update
 	;;
     list)
-        init_keyring "$TRUSTEDFILE"
         $GPG --batch --list-keys
         ;;
     finger*)
-        init_keyring "$TRUSTEDFILE"
         $GPG --batch --fingerprint
         ;;
     export)
-        init_keyring "$TRUSTEDFILE"
         $GPG --armor --export "$1"
         ;;
     exportall)
-        init_keyring "$TRUSTEDFILE"
         $GPG --armor --export
         ;;
     adv*)
-        init_keyring "$TRUSTEDFILE"
         aptkey_echo "Executing: $GPG $*"
         $GPG $*
         ;;
author	David Kalnischkies <david@kalnischkies.de>	2014-01-24 17:14:52 +0100
committer	David Kalnischkies <david@kalnischkies.de>	2014-09-27 00:12:14 +0200
commit	9fda3be1ae000e81e15dc8840271946e140765c9 (patch)
tree	c9468c261ea1dac9a85735b8ecfd55d49338e5b7 /cmdline
parent	84b286f65c55e21b4734a17474f1cba464cbbd9c (diff)