Devuan bug report logs - #539
apt-key: the del command is fragile at best

Package: apt; Maintainer for apt is Andreas Messer <>; Source for apt is src:apt.

Reported by: Flavio Stanchina <>

Date: Tue, 12 Jan 2021 11:18:01 UTC

Severity: normal

Found in version

Full log

Message #5 received at (full text, mbox, reply):

Received: (at submit) by; 12 Jan 2021 11:10:01 +0000
Return-Path: <>
Received: from []
	by with IMAP (fetchmail-6.4.0.beta4)
	for <debbugs@localhost> (single-drop); Tue, 12 Jan 2021 11:10:01 +0000 (UTC)
Received: from ( [])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by (Postfix) with ESMTPS id 3C78AF608A4
	for <>; Tue, 12 Jan 2021 12:06:58 +0100 (CET)
Received: from ([::ffff:])
  (AUTH: LOGIN flavio)
  by with ESMTPA; Tue, 12 Jan 2021 12:06:56 +0100
  id 000000000001FCAE.000000005FFD82D0.0000571B
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Flavio Stanchina <>
To: Devuan Bug Tracking System <>
Subject: apt-key: the del command is fragile at best
Message-ID: <>
X-Mailer: reportbug 7.5.3+devuan3
Date: Tue, 12 Jan 2021 12:06:43 +0100
X-Spam-Status: No, score=-0.0 required=5.0 tests=SPF_HELO_PASS,SPF_PASS
	autolearn=disabled version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
Package: apt
Severity: normal
File: /usr/bin/apt-key

I wished to remove an old key from my APT keyring:

# apt-key list
pub   dsa1024 2010-12-23 [SC]
      74F7 3584 25EE B617 6094  C884 E0F7 2778 C467 6186
uid           [ unknown] PlayOnLinux Packaging [...]

# apt-key del 74F7358425EEB6176094

-> the key was still there

# apt-key del 74f7

-> the key was still there

# apt-key del 6186
gpg: key "6186" not found: Not found
gpg: 6186: delete key failed: Not found

-> the key was still there, but at least I got an error of some kind!

At this point I added some messages to apt-key itself and got this:

# apt-key del 'C884 E0F7 2778 C467 6186'
*** running remove_key_from_keyring on /etc/apt/trusted.gpg
*** key C884E0F72778C4676186 is in keyring /etc/apt/trusted.gpg!
*** removing key C884E0F72778C4676186 in keyring /etc/apt/trusted.gpg...
gpg: key "C884E0F72778C4676186" not found: Not found
gpg: C884E0F72778C4676186: delete key failed: Not found

There is obviously a misunderstanding between apt-key and gpg about what
makes a proper key id; I'm no gpg expert, so I have no idea of what is.

There is also a lack of proper diagnostics: if I get an unqualified "OK"
as in my first two tries, I expect the action to have been carried out.
If apt-key doesn't find something that looks like the supplied key id in
any keyring, I expect a clear message saying so.

-- System Information:
Distributor ID:	Debian
Description:	Devuan GNU/Linux 3 (beowulf)
Release:	3
Codename:	beowulf
Architecture: x86_64

Kernel: Linux 4.19.0-13-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages apt depends on:
ii  adduser                 3.118
ii  debian-archive-keyring  2019.1
ii  gpgv                    2.2.12-1+deb10u1
ii  libapt-pkg5.0 
ii  libc6                   2.28-10
ii  libgcc1                 1:8.3.0-6
ii  libgnutls30             3.6.7-4+deb10u5
ii  libseccomp2             2.3.3-4
ii  libstdc++6              8.3.0-6

Versions of packages apt recommends:
ii  ca-certificates  20200601~deb10u1

Versions of packages apt suggests:
ii  apt-doc
ii  aptitude        0.8.11-7
ii  dpkg-dev        1.19.7
ii  gnupg           2.2.12-1+deb10u1
ii  powermgmt-base  1.34
ii  synaptic        0.84.6

-- no debconf information

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <>.
Last modified: Mon Oct 3 05:25:34 2022;