diff options
-rw-r--r-- | cmdline/apt-key.in | 24 |
1 files changed, 10 insertions, 14 deletions
diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index 3ed2a70ce..4f2bc916b 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -238,12 +238,9 @@ foreach_keyring_do() { local TRUSTEDPARTS="/etc/apt/trusted.gpg.d" eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)" if [ -d "$TRUSTEDPARTS" ]; then - # strip / suffix as gpg will double-slash in that case (#665411) - local STRIPPED_TRUSTEDPARTS="${TRUSTEDPARTS%/}" - if [ "${STRIPPED_TRUSTEDPARTS}/" = "$TRUSTEDPARTS" ]; then - TRUSTEDPARTS="$STRIPPED_TRUSTEDPARTS" - fi - for trusted in $(find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 -regex '^.*\.gpg$' | sort); do + TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")" + local TRUSTEDPARTSLIST="$(cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 -name '*.gpg')" + for trusted in $(echo "$TRUSTEDPARTSLIST" | sort); do if [ -s "$trusted" ]; then $ACTION "$trusted" "$@" fi @@ -301,7 +298,7 @@ merge_all_trusted_keyrings_into_pubring() { # does the same as: # foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg" # but without using gpg, just cat and find - local PUBRING="${GPGHOMEDIR}/pubring.gpg" + local PUBRING="$(readlink -f "${GPGHOMEDIR}/pubring.gpg")" # if a --keyring was given, just use this one if [ -n "$FORCED_KEYRING" ]; then if [ -s "$FORCED_KEYRING" ]; then @@ -312,13 +309,12 @@ merge_all_trusted_keyrings_into_pubring() { local TRUSTEDPARTS="/etc/apt/trusted.gpg.d" eval $(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d) if [ -d "$TRUSTEDPARTS" ]; then - # ignore errors mostly for non-existing $TRUSTEDFILE - { - cat "$TRUSTEDFILE" || true - for parts in $(find -L "$TRUSTEDPARTS" -type f -name '*.gpg'); do - cat "$parts" || true - done - } > "$PUBRING" 2>/dev/null + rm -f "$PUBRING" + if [ -s "$TRUSTEDFILE" ]; then + cat "$TRUSTEDFILE" > "$PUBRING" + fi + TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")" + (cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 -name '*.gpg' -exec cat {} + >> "$PUBRING";) elif [ -s "$TRUSTEDFILE" ]; then cp --dereference "$TRUSTEDFILE" "$PUBRING" fi |