[Bug 1669517] Re: apt-key del must absolutely detect all errors, and then provide NON-zero return code and error message

Julian Andres Klode 1669517 at bugs.launchpad.net
Thu Jun 25 16:00:04 UTC 2020 

We will not be changing the behavior here. apt-key del working if they
key was not present in the keyring is important to maintain, so that we
do not break the maintainer scripts using it (which should be tested,
and should be the only users of this).

** Changed in: apt (Ubuntu)
       Status: Triaged => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1669517

Title:
  apt-key del must absolutely detect all errors, and then provide NON-
  zero return code and error message

Status in apt package in Ubuntu:
  Won't Fix

Bug description:
  Currently, 'apt-key del' does NOT detect that the keyid given in parameter is invalid :
  It displays 'OK' and provides a return code equal to zero (see log below).

  I consider that letting erroneously believe that a GPG key has been
  successfully removed is a security issue.

  In fact 'apt-key del' must absolutely detect all errors, and then
  provide NON-zero return code and error message.

  
  # wget  -q  -O -  https://oss.oracle.com/el4/RPM-GPG-KEY-oracle  |  apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  add  -
  OK

  # apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  list
  /etc/apt/trusted.gpg.d/oracle.gpg
  ---------------------------------
  pub   1024D/B38A8516 2006-09-05 [expired: 2013-09-06]
  uid                  Oracle OSS group (Open Source Software group) <build at oss.oracle.com>

  
  # apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  del 1024D/B38A8516
  OK

  # echo $?
  0

  # apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  list
  /etc/apt/trusted.gpg.d/oracle.gpg
  ---------------------------------
  pub   1024D/B38A8516 2006-09-05 [expired: 2013-09-06]
  uid                  Oracle OSS group (Open Source Software group) <build at oss.oracle.com>

  
  # apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  del B38A8516
  OK

  # apt-key  --keyring /etc/apt/trusted.gpg.d/oracle.gpg  list

  #

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.19
  ProcVersionSignature: Ubuntu 4.4.0-65.86-generic 4.4.49
  Uname: Linux 4.4.0-65-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.20.1-0ubuntu2.5
  Architecture: amd64
  CurrentDesktop: X-Cinnamon
  Date: Thu Mar  2 17:34:07 2017
  InstallationDate: Installed on 2014-11-03 (849 days ago)
  InstallationMedia: Ubuntu-GNOME 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
  SourcePackage: apt
  UpgradeStatus: Upgraded to xenial on 2016-05-09 (297 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1669517/+subscriptions

More information about the foundations-bugs mailing list