[Bug 2077162] Re: [FFe/SRU] add-apt-repository --refresh-keys
Julian Andres Klode
2077162 at bugs.launchpad.net
Mon Aug 19 08:07:57 UTC 2024
** Description changed:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
- For all releases:
+ For all releases (using the default sources.list format, i.e. adding the
+ PPA using add-apt-repository):
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
3. Ensure non-PPA repositories are notified about as not being refreshable
4. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
- A. Add a weak PPA as a .list (23.10), ensure its key is refreshed.
+ A. Add a weak PPA as a .list, ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
[Where problems could occur]
The new feature could not work in all cases. It is luckily self contained in one (too) large function
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and login
cases.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to software-properties in Ubuntu.
https://bugs.launchpad.net/bugs/2077162
Title:
[FFe/SRU] add-apt-repository --refresh-keys
Status in software-properties package in Ubuntu:
New
Status in software-properties source package in Focal:
New
Status in software-properties source package in Jammy:
New
Status in software-properties source package in Noble:
New
Status in software-properties source package in Oracular:
New
Bug description:
[Impact]
We want to provide an easy tool to allow users to refresh signing keys. This feature works for both deb822 sources and classic sources.
[Test plan]
For all releases (using the default sources.list format, i.e. adding
the PPA using add-apt-repository):
1. Add a weak PPA, ensure its key is refreshed.
2. Add a weak private PPA and ensure that it does not fail the process, then retry with --login, ensure we only see one login request.
3. Ensure non-PPA repositories are notified about as not being refreshable
4. Ensure key files not refreshable via PPA mechanism are notified
For 24.04:
A. Add a weak PPA as a .list, ensure its key is refreshed.
B. Add a superflous key for a deb822 source with Signed-By and observe key file deletion.
[Where problems could occur]
The new feature could not work in all cases. It is luckily self contained in one (too) large function
The launchpad login caching could possibly cause some problems, there
may be bugs there, but our test plan checks for both non-login and
login cases.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/2077162/+subscriptions
More information about the foundations-bugs
mailing list