From ee284d5917d09649b68ff1632d44e892f290c52f Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Wed, 6 May 2020 12:33:39 +0200 Subject: Fully deprecate apt-key, schedule removal for Q2/2022 People are still using apt-key add and friends, despite that not being guaranteed to work. Let's tell them to stop doing so. We might still want a list command at a future point, but this needs deciding, and a blanket ban atm seems like a sensible step until we figured that out. --- cmdline/apt-key.in | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'cmdline') diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index e9187b423..c61b8b417 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -740,8 +740,18 @@ warn_on_script_usage() { # (Maintainer) scripts should not be using apt-key if [ -n "$DPKG_MAINTSCRIPT_PACKAGE" ]; then echo >&2 "Warning: apt-key should not be used in scripts (called from $DPKG_MAINTSCRIPT_NAME maintainerscript of the package ${DPKG_MAINTSCRIPT_PACKAGE})" - elif [ ! -t 1 ]; then - echo >&2 "Warning: apt-key output should not be parsed (stdout is not a terminal)" + fi + + echo >&2 "Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))." +} + +warn_outside_maintscript() { + # In del, we want to warn in interactive use, but not inside maintainer + # scripts, so as to give people a chance to migrate keyrings. + # + # FIXME: We should always warn starting in 2022. + if [ -z "$DPKG_MAINTSCRIPT_PACKAGE" ]; then + echo >&2 "Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))." fi } @@ -760,6 +770,7 @@ case "$command" in ;; del|rm|remove) # no script warning here as removing 'add' usage needs 'del' for cleanup + warn_outside_maintscript requires_root foreach_keyring_do 'remove_key_from_keyring' "$@" aptkey_echo "OK" @@ -772,6 +783,7 @@ case "$command" in merge_back_changes ;; net-update) + warn_on_script_usage requires_root setup_merged_keyring net_update -- cgit v1.2.3