diff options
| -rwxr-xr-x | cmdline/apt-key | 21 | ||||
| -rw-r--r-- | debian/changelog | 6 |
2 files changed, 26 insertions, 1 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key index c184e3e75..2c087acbc 100755 --- a/cmdline/apt-key +++ b/cmdline/apt-key @@ -32,6 +32,16 @@ requires_root() { fi } +# gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead. +init_keyring() { + for path; do + if ! [ -e "$path" ]; then + touch -- "$path" + chmod 0644 -- "$path" + fi + done +} + add_keys_with_verify_against_master_keyring() { ADD_KEYRING=$1 MASTER=$2 @@ -153,7 +163,7 @@ if [ "$1" = "--keyring" ]; then #echo "keyfile given" shift TRUSTEDFILE="$1" - if [ -r "$TRUSTEDFILE" ] || [ "$2" = 'add' ]; then + if [ -r "$TRUSTEDFILE" ] || [ "$2" = 'add' ] || [ "$2" = 'adv' ]; then GPG="$GPG --keyring $TRUSTEDFILE --primary-keyring $TRUSTEDFILE" else echo >&2 "Error: The specified keyring »$TRUSTEDFILE« is missing or not readable" @@ -198,33 +208,42 @@ fi case "$command" in add) requires_root + init_keyring "$TRUSTEDFILE" $GPG --quiet --batch --import "$1" echo "OK" ;; del|rm|remove) requires_root + init_keyring "$TRUSTEDFILE" $GPG --quiet --batch --delete-key --yes "$1" echo "OK" ;; update) + init_keyring "$TRUSTEDFILE" update ;; net-update) + init_keyring "$TRUSTEDFILE" net_update ;; list) + init_keyring "$TRUSTEDFILE" $GPG --batch --list-keys ;; finger*) + init_keyring "$TRUSTEDFILE" $GPG --batch --fingerprint ;; export) + init_keyring "$TRUSTEDFILE" $GPG --armor --export "$1" ;; exportall) + init_keyring "$TRUSTEDFILE" $GPG --armor --export ;; adv*) + init_keyring "$TRUSTEDFILE" echo "Executing: $GPG $*" $GPG $* ;; diff --git a/debian/changelog b/debian/changelog index 450a9c382..aa8553251 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,12 @@ apt (0.9.8.2) unstable; urgency=low * Fix crash when the "mirror" method does not find any entry (closes: #699303) + + [ Johan Kiviniemi ] + * cmdline/apt-key: + - Create new keyrings with mode 0644 instead of 0600. + - Accept a nonexistent --keyring file with the adv subcommand as well. + -- Michael Vogt <mvo@debian.org> Thu, 06 Jun 2013 19:15:14 +0200 apt (0.9.8.1) unstable; urgency=low |