Просмотр исходного кода

add --readonly option for apt-key adv

Some advanced commands can be executed without the keyring being
modified like --verify, so this adds an option to disable the mergeback
and uses it for our gpg calling code.

Git-Dch: Ignore
David Kalnischkies лет назад: 12
Родитель
Сommit
33a2267214
3 измененных файлов с 7 добавлено и 7 удалено
  1. 1 0
      apt-pkg/contrib/gpgv.cc
  2. 4 5
      cmdline/apt-key.in
  3. 2 2
      test/integration/framework

+ 1 - 0
apt-pkg/contrib/gpgv.cc

@@ -54,6 +54,7 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
 
    Args.push_back(aptkey.c_str());
    Args.push_back("--quiet");
+   Args.push_back("--readonly");
    Args.push_back("adv");
 
    char statusfdstr[10];

+ 4 - 5
cmdline/apt-key.in

@@ -337,20 +337,19 @@ while [ -n "$1" ]; do
 	 shift
 	 TRUSTEDFILE="$1"
 	 FORCED_KEYRING="$1"
-	 shift
 	 ;;
       --secret-keyring)
 	 shift
 	 FORCED_SECRET_KEYRING="$1"
-	 shift
+	 ;;
+      --readonly)
+	 merge_back_changes() { true; }
 	 ;;
       --fakeroot)
 	 requires_root() { true; }
-	 shift
 	 ;;
       --quiet)
 	 aptkey_echo() { true; }
-	 shift
 	 ;;
       --*)
 	 echo >&2 "Unknown option: $1"
@@ -359,6 +358,7 @@ while [ -n "$1" ]; do
       *)
 	 break;;
    esac
+   shift
 done
 
 if [ -z "$TRUSTEDFILE" ]; then
@@ -430,7 +430,6 @@ case "$command" in
     del|rm|remove)
 	requires_root
 	foreach_keyring_do 'remove_key_from_keyring' "$@"
-	merge_back_changes
 	aptkey_echo "OK"
         ;;
     update)

+ 2 - 2
test/integration/framework

@@ -429,7 +429,7 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
 		| while read SRC; do
 		echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
 #		if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-#			aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet \
+#			aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \
 #				adv --yes --default-key 'Joe Sixpack' \
 #				--clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #			mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
@@ -816,7 +816,7 @@ setupaptarchive() {
 signreleasefiles() {
 	local SIGNER="${1:-Joe Sixpack}"
 	local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
-	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec adv --batch --yes"
+	local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
 	msgninfo "\tSign archive with $SIGNER key $KEY… "
 	local REXKEY='keys/rexexpired'
 	local SECEXPIREBAK="${REXKEY}.sec.bak"