clone 593951 -1 reassign -1 apt thanks On Sun, Aug 22, 2010 at 05:07:59PM +0200, Carsten Hey wrote: > debian-archive-keyring should remove old keys on upgrades, see forwarded > mail. > > The call to apt-key update should only be run if apt-key and gpg both > can be found since dependencies are not guaranteed to be available in > postrm. > > The check for gpg to be available is necessary because apt could > possibly recommend gnupg in future and thus apt-key could be available > but not gpg. > > So it could be something like this: > > | if [ -x /usr/bin/apt-key ] && [ -x /usr/bin/gpg ]; then > | /usr/bin/apt-key update > | fi
That doesn't actually work because `apt-key update' checks for the presence of the archive keyring prior to doing something. So this would either need to be unrolled into a loop calling `apt-key del' or by somehow passing in the archive keyring as a removed keyring as a prerm. (I also don't think it should be our job to check if all binaries used by apt-key are available.) Clone'd and reassign'd to apt for input by the apt maintainers if they intend to provide an interface for this (admittedly minor, at least for Debian) use case. Kind regards Philipp Kern
signature.asc
Description: Digital signature
