[Bug 1862764] Re: add-apt-repository should use signed-by
Ashley Waite
1862764 at bugs.launchpad.net
Thu Nov 18 08:38:37 UTC 2021
The 'signed-by' field is not supported in the python-apt classes that
are used by add-apt-repository and the gui software-properties.
- When adding a new source there's no argument to provide 'signed-by' or 'trusted' options, so those cannot be added via add-apt-repository or the gui software-properties until that is corrected, and this omission appears to exist upstream:
https://git.launchpad.net/python-apt/tree/aptsources/sourceslist.py#n309
- Adding 'signed-by' to the output of the sources so it gets written to the sources list would be needed:
https://git.launchpad.net/python-apt/tree/aptsources/sourceslist.py#n232
- And then it'll get ignored when subsequently reading the sources list, as any option fields present other than 'arch' and 'trusted' result in the line being flagged as invalid, this results in the source not being listed in the software-properties sources list - and that's actually how I ended up here trying to work out if that failure to display had been reported as a bug yet.
So that too needs to be updated:
https://git.launchpad.net/python-apt/tree/aptsources/sourceslist.py#n196
These three changes all appear to be upstream, and navigating the debian
site was not as straight forward as here, so I'm not really clear on
where to submit a patch to make it happen, nor how easy it would be to
pull back here, so I figured I could throw the details here for someone
that's more familiar with that!
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to software-properties in Ubuntu.
https://bugs.launchpad.net/bugs/1862764
Title:
add-apt-repository should use signed-by
Status in software-properties package in Ubuntu:
Confirmed
Bug description:
add-apt-repository should use signed-by
apt sources.list syntax supports limiting which keys are used to sign
a given repo.
It would be nice for add-apt-repository to import the key somewhere
else but trusted.gpg.d and then specify path to it, using the "signed-
by" field.
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: software-properties-common 0.98.6
ProcVersionSignature: Ubuntu 5.4.0-1002.4-oem 5.4.8
Uname: Linux 5.4.0-1002-oem x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu16
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Tue Feb 11 12:01:49 2020
InstallationDate: Installed on 2016-01-26 (1477 days ago)
InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Alpha amd64 (20160125)
PackageArchitecture: all
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: software-properties
UpgradeStatus: Upgraded to focal on 2019-01-15 (391 days ago)
modified.conffile..etc.default.apport: [modified]
mtime.conffile..etc.default.apport: 2020-01-10T16:24:15.968394
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1862764/+subscriptions
More information about the foundations-bugs
mailing list