Explorar el Código

document which keyring formats are supported by apt-key

* the good old 'simple' keyring format
* the ascii armored variant since 1.4

Not supported is the (new in gpg 2.1) keybox format.

Closes: 844724
David Kalnischkies hace 9 años
padre
commit
f77ea8235c
Se han modificado 11 ficheros con 31 adiciones y 17 borrados
  1. 19 5
      doc/apt-key.8.xml
  2. 1 1
      doc/po/apt-doc.pot
  3. 2 2
      doc/po/de.po
  4. 1 1
      doc/po/es.po
  5. 1 1
      doc/po/fr.po
  6. 1 1
      doc/po/it.po
  7. 1 1
      doc/po/ja.po
  8. 2 2
      doc/po/nl.po
  9. 1 1
      doc/po/pl.po
  10. 1 1
      doc/po/pt.po
  11. 1 1
      doc/po/pt_BR.po

+ 19 - 5
doc/apt-key.8.xml

@@ -47,6 +47,20 @@
    </para>
 </refsect1>
 
+<refsect1><title>Supported keyring files</title>
+<para>apt-key supports only the binary OpenPGP format (also known as "GPG key
+   public ring") in files with the "<literal>gpg</literal>" extension, not
+   the keybox database format introduced in newer &gpg; versions as default
+   for keyring files. Binary keyring files intended to be used with any apt
+   version should therefore always be created with <command>gpg --export</command>.
+</para>
+<para>Alternatively, if all systems which should be using the created keyring
+   have at least apt version >= 1.4 installed, you can use the ASCII armored
+   format with the "<literal>asc</literal>" extension instead which can be
+   created with <command>gpg --armor --export</command>.
+</para>
+</refsect1>
+
 <refsect1><title>Commands</title>
    <variablelist>
      <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
@@ -63,10 +77,10 @@
      otherwise the &apt-secure; infrastructure is completely undermined.
      </para>
      <para>
-       Instead of using this command a keyring can be placed directly in the
-       <filename>/etc/apt/trusted.gpg.d/</filename> directory with a descriptive name
-       (same rules for filename apply as for &apt-conf; files) and "<literal>gpg</literal>"
-       as file extension.
+       <emphasis>Note</emphasis>: Instead of using this command a keyring
+       should be placed directly in the <filename>/etc/apt/trusted.gpg.d/</filename>
+       directory with a descriptive name and either "<literal>gpg</literal>" or
+       "<literal>asc</literal>" as file extension.
      </para>
      </listitem>
      </varlistentry>
@@ -139,7 +153,7 @@
      <para>
        Note that a distribution does not need to and in fact should not use
        this command any longer and instead ship keyring files in the
-       <filename>/etc/apt/trusted.gpg</filename> directory directly as this
+       <filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this
        avoids a dependency on <package>gnupg</package> and it is easier to manage
        keys by simply adding and removing files for maintainers and users alike.
      </para>

+ 1 - 1
doc/po/apt-doc.pot

@@ -2015,7 +2015,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the "
-"<filename>/etc/apt/trusted.gpg</filename> directory directly as this avoids "
+"<filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this avoids "
 "a dependency on <package>gnupg</package> and it is easier to manage keys by "
 "simply adding and removing files for maintainers and users alike."
 msgstr ""

+ 2 - 2
doc/po/de.po

@@ -2833,13 +2833,13 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""
 "Beachten Sie, dass eine Distribution diesen Befehl nicht benötigt und "
 "tatsächlich nicht länger nutzen sollte. Sie sollte stattdessen "
-"Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg</"
+"Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg.d/</"
 "filename> direkt mitliefern, da dies eine Abhängigkeit von <package>gnupg</"
 "package> vermeidet und die Verwaltung von Schlüsseln durch einfaches "
 "Hinzufügen und Entfernen von Dateien für Paketbetreuer und Anwender "

+ 1 - 1
doc/po/es.po

@@ -2890,7 +2890,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 1 - 1
doc/po/fr.po

@@ -2819,7 +2819,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 1 - 1
doc/po/it.po

@@ -2863,7 +2863,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 1 - 1
doc/po/ja.po

@@ -2760,7 +2760,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 2 - 2
doc/po/nl.po

@@ -2907,13 +2907,13 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""
 "Merk op dat een distributie dit commando niet langer hoeft en ook niet zou "
 "mogen gebruiken. In plaats daarvan moeten rechtstreeks sleutelbosbestanden "
-"meegeleverd worden in de map <filename>/etc/apt/trusted.gpg</filename>. Dit "
+"meegeleverd worden in de map <filename>/etc/apt/trusted.gpg.d/</filename>. Dit "
 "voorkomt dat het pakket <package>gnupg</package> een vereiste is, en zowel "
 "voor pakketonderhouders als voor gebruikers is het makkelijker om sleutels "
 "te beheren door eenvoudigweg bestanden toe te voegen of te verwijderen."

+ 1 - 1
doc/po/pl.po

@@ -2935,7 +2935,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 1 - 1
doc/po/pt.po

@@ -2831,7 +2831,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""

+ 1 - 1
doc/po/pt_BR.po

@@ -1981,7 +1981,7 @@ msgstr ""
 msgid ""
 "Note that a distribution does not need to and in fact should not use this "
 "command any longer and instead ship keyring files in the <filename>/etc/apt/"
-"trusted.gpg</filename> directory directly as this avoids a dependency on "
+"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
 "<package>gnupg</package> and it is easier to manage keys by simply adding "
 "and removing files for maintainers and users alike."
 msgstr ""