Stop using deprecated apt_key: module #16

Closed
opened 2023-06-24 10:02:41 +00:00 by benie · 0 comments
Owner

The `apt-key` command, which the `apt_key:` module uses, has been deprecated.
The `apt-key` manpage has a *DEPRECATION* section outlining the expected
workflow moving forwards:

> Except for using `apt-key del` in maintainer scripts, the use of `apt-key` is
> deprecated. This section shows how to replace existing use of `apt-key`.
>
> If your existing use of `apt-key add` looks like this:
>
>     wget -qO- https://myrepo.example/myrepo.asc | sudo apt-key add -
>
> Then you can directly replace this with (though note the recommendation
> below):
>
>     wget -qO- https://myrepo.example/myrepo.asc | sudo tee /etc/apt/trusted.gpg.d/myrepo.asc
>
> Make sure to use the "asc" extension for ASCII armored keys and the "gpg"
> extension for the binary OpenPGP format (also known as "GPG key public ring").
> The binary OpenPGP format works for all apt versions, while the ASCII armored
> format works for apt version >= 1.4.
>
> Recommended: Instead of placing keys into the `/etc/apt/trusted.gpg.d`
> directory, you can place them anywhere on your filesystem by using the
> `Signed-By` option in your sources.list and pointing to the filename of the
> key. See sources.list(5) for details. Since APT 2.4, `/etc/apt/keyrings` is
> provided as the recommended location for keys not managed by packages. When
> using a deb822-style sources.list, and with apt version >= 2.4, the
> `Signed-By` option can also be used to include the full ASCII armored keyring
> directly in the sources.list without an additional file.

benie added the bug label 2023-06-24 10:02:41 +00:00
benie closed this issue 2023-06-24 10:27:35 +00:00
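
The recommended workflow from the quoted manpage section, as an added example that is not part of the issue or the manpage: pick the key file extension from its format, place it under `/etc/apt/keyrings`, and write a deb822 source that references it with `Signed-By`. The helper names `key_ext` and `stage_repo`, the `myrepo` name, the URI path and the suite are assumptions, and the key material is a constructed placeholder.

```shell
#!/bin/sh
# Added example, not from the issue or the apt-key manpage.

# Print "asc" for an ASCII-armored key file, "gpg" for binary OpenPGP.
key_ext() {
    if grep -q '^-----BEGIN PGP PUBLIC KEY BLOCK-----' "$1"; then
        echo asc
    else
        echo gpg
    fi
}

# stage_repo NAME KEYFILE URI SUITE COMPONENT [ROOT]  (hypothetical helper)
# ROOT defaults to the real filesystem; pass a scratch directory to dry-run.
stage_repo() {
    name=$1 keyfile=$2 uri=$3 suite=$4 comp=$5 root=${6:-}
    keydir=$root/etc/apt/keyrings
    srcdir=$root/etc/apt/sources.list.d
    keyname=$name.$(key_ext "$keyfile")

    mkdir -p "$keydir" "$srcdir" || return 1
    # World-readable but not group/other-writable: whoever can write this
    # file decides which signatures apt accepts for this source.
    install -m 0644 "$keyfile" "$keydir/$keyname" || return 1

    # Signed-By scopes the key to this one source, unlike trusted.gpg.d.
    cat > "$srcdir/$name.sources" <<EOF
Types: deb
URIs: $uri
Suites: $suite
Components: $comp
Signed-By: /etc/apt/keyrings/$keyname
EOF
    echo "$keydir/$keyname"
}

# Dry run against a scratch root with a constructed (non-functional) key file.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' '' 'constructed' \
        '-----END PGP PUBLIC KEY BLOCK-----' > "$tmp/myrepo.asc"
    stage_repo myrepo "$tmp/myrepo.asc" https://myrepo.example/debian \
        stable main "$tmp/root" >/dev/null &&
        cat "$tmp/root/etc/apt/sources.list.d/myrepo.sources"
    rm -rf "$tmp"
}
demo
```

On a real host, download the key to a file first and compare its fingerprint against one published out of band before passing it to `stage_repo`.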
Reference: config/local#16