diff options
Diffstat (limited to 'cmdline/apt-key')
| -rwxr-xr-x | cmdline/apt-key | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key index 843163f82..97d6e0323 100755 --- a/cmdline/apt-key +++ b/cmdline/apt-key @@ -5,9 +5,12 @@ unset GREP_OPTIONS # We don't use a secret keyring, of course, but gpg panics and # implodes if there isn't one available -GPG_CMD='gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg' +SECRETKEYRING="$(mktemp)" +trap "rm -f '${SECRETKEYRING}'" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM +GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring ${SECRETKEYRING}" if [ "$(id -u)" -eq 0 ]; then + # we could use a tmpfile here too, but creation of this tends to be time-consuming GPG_CMD="$GPG_CMD --trustdb-name /etc/apt/trustdb.gpg" fi @@ -149,7 +152,7 @@ if [ "$1" = "--keyring" ]; then #echo "keyfile given" shift TRUSTEDFILE="$1" - if [ -r "$TRUSTEDFILE" ]; then + if [ -r "$TRUSTEDFILE" ] || [ "$2" = 'add' ]; then GPG="$GPG --keyring $TRUSTEDFILE --primary-keyring $TRUSTEDFILE" else echo >&2 "Error: The specified keyring »$TRUSTEDFILE« is missing or not readable" |