Devuan bug report logs - #539
apt-key: the del command is fragile at best

Package: apt; Maintainer for apt is Andreas Messer <andi@bastelmap.de>; Source for apt is src:apt.

Reported by: Flavio Stanchina <flavio@stanchina.net>

Date: Tue, 12 Jan 2021 11:18:01 UTC

Severity: normal

Found in version 1.8.2.2

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.devuan.org
Subject: bug#539: apt-key: the del command is fragile at best
Reply-To: Flavio Stanchina <flavio@stanchina.net>, 539@bugs.devuan.org
Resent-From: Flavio Stanchina <flavio@stanchina.net>
Resent-To: devuan-bugs@lists.dyne.org
Resent-CC: Andreas Messer <andi@bastelmap.de>
X-Loop: owner@bugs.devuan.org
Resent-Date: Tue, 12 Jan 2021 11:18:01 +0000
Resent-Message-ID: <handler.539.B.161044980132100@bugs.devuan.org>
Resent-Sender: owner@bugs.devuan.org
X-Devuan-PR-Message: report 539
X-Devuan-PR-Package: apt
X-Devuan-PR-Keywords: 
Received: via spool by submit@bugs.devuan.org id=B.161044980132100
          (code B); Tue, 12 Jan 2021 11:18:01 +0000
Received: (at submit) by bugs.devuan.org; 12 Jan 2021 11:10:01 +0000
Delivered-To: devuanbugs@dyne.org
Received: from tupac3.dyne.org [195.169.149.119]
	by doc.devuan.org with IMAP (fetchmail-6.4.0.beta4)
	for <debbugs@localhost> (single-drop); Tue, 12 Jan 2021 11:10:01 +0000 (UTC)
Received: from stanchina.net (stanchina.net [193.70.113.129])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by vm6.ganeti.dyne.org (Postfix) with ESMTPS id 3C78AF608A4
	for <submit@bugs.devuan.org>; Tue, 12 Jan 2021 12:06:58 +0100 (CET)
Received: from forza.casa ([::ffff:87.8.158.53])
  (AUTH: LOGIN flavio)
  by stanchina.net with ESMTPA; Tue, 12 Jan 2021 12:06:56 +0100
  id 000000000001FCAE.000000005FFD82D0.0000571B
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Flavio Stanchina <flavio@stanchina.net>
To: Devuan Bug Tracking System <submit@bugs.devuan.org>
Message-ID: <161044960343.31435.7190220805469658320.reportbug@forza.casa>
X-Mailer: reportbug 7.5.3+devuan3
Date: Tue, 12 Jan 2021 12:06:43 +0100
X-Spam-Status: No, score=-0.0 required=5.0 tests=SPF_HELO_PASS,SPF_PASS
	autolearn=disabled version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tupac3.dyne.org
Package: apt
Version: 1.8.2.2
Severity: normal
File: /usr/bin/apt-key

I wished to remove an old key from my APT keyring:

# apt-key list
/etc/apt/trusted.gpg
--------------------
...
pub   dsa1024 2010-12-23 [SC]
      74F7 3584 25EE B617 6094  C884 E0F7 2778 C467 6186
uid           [ unknown] PlayOnLinux Packaging [...]
...

# apt-key del 74F7358425EEB6176094
OK

-> the key was still there

# apt-key del 74f7
OK

-> the key was still there

# apt-key del 6186
gpg: key "6186" not found: Not found
gpg: 6186: delete key failed: Not found

-> the key was still there, but at least I got an error of some kind!

At this point I added some messages to apt-key itself and got this:

# apt-key del 'C884 E0F7 2778 C467 6186'
*** running remove_key_from_keyring on /etc/apt/trusted.gpg
*** key C884E0F72778C4676186 is in keyring /etc/apt/trusted.gpg!
*** removing key C884E0F72778C4676186 in keyring /etc/apt/trusted.gpg...
gpg: key "C884E0F72778C4676186" not found: Not found
gpg: C884E0F72778C4676186: delete key failed: Not found

There is obviously a misunderstanding between apt-key and gpg about what
makes a proper key id; I'm no gpg expert, so I have no idea of what is.

There is also a lack of proper diagnostics: if I get an unqualified "OK"
as in my first two tries, I expect the action to have been carried out.
If apt-key doesn't find something that looks like the supplied key id in
any keyring, I expect a clear message saying so.

-- System Information:
Distributor ID:	Debian
Description:	Devuan GNU/Linux 3 (beowulf)
Release:	3
Codename:	beowulf
Architecture: x86_64

Kernel: Linux 4.19.0-13-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages apt depends on:
ii  adduser                 3.118
ii  debian-archive-keyring  2019.1
ii  gpgv                    2.2.12-1+deb10u1
ii  libapt-pkg5.0           1.8.2.2
ii  libc6                   2.28-10
ii  libgcc1                 1:8.3.0-6
ii  libgnutls30             3.6.7-4+deb10u5
ii  libseccomp2             2.3.3-4
ii  libstdc++6              8.3.0-6

Versions of packages apt recommends:
ii  ca-certificates  20200601~deb10u1

Versions of packages apt suggests:
ii  apt-doc         1.8.2.2
ii  aptitude        0.8.11-7
ii  dpkg-dev        1.19.7
ii  gnupg           2.2.12-1+deb10u1
ii  powermgmt-base  1.34
ii  synaptic        0.84.6

-- no debconf information

Send a report that this bug log contains spam.


Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Mon Oct 3 04:21:20 2022;