[Merge] ~mitchburton/ubuntu/+source/landscape-client:ubuntu/lunar-devel into ubuntu/+source/landscape-client:ubuntu/lunar-devel

[Mitch Burton]

Diff comments:

> diff --git a/debian/landscape-client.postrm b/debian/landscape-client.postrm
> index a436e39..10f79b8 100644
> --- a/debian/landscape-client.postrm
> +++ b/debian/landscape-client.postrm
> @@ -28,6 +29,8 @@ case "$1" in
>      rm -f "${LOG_DIR}/package-reporter.log"*
>      rm -f "${LOG_DIR}/package-changer.log"*
>  
> +    rm -f "${GPG_DIR}/landscape-server"*.asc

Yes, that risk certainly exists. It would probably be better to use a key filename that makes it explicit that the file was created by Landscape, something like "landscape-server-{repository_name}.asc" or similar.

> +
>      rm -rf "${DATA_DIR}/client"
>      rm -rf "${DATA_DIR}/.gnupg"
>  
> diff --git a/landscape/client/manager/aptsources.py b/landscape/client/manager/aptsources.py
> index 649569b..866c6ba 100644
> --- a/landscape/client/manager/aptsources.py
> +++ b/landscape/client/manager/aptsources.py
> @@ -83,16 +85,12 @@ class AptSources(ManagerPlugin):
>                        "-----END PGP PUBLIC KEY BLOCK-----"]}
>          """
>          deferred = succeed(None)
> +        prefix = 'landscape-server-'
>          for key in message["gpg-keys"]:
> -            fd, path = tempfile.mkstemp()
> -            os.close(fd)
> -            with open(path, "w") as key_file:
> +            filename = prefix + str(uuid.uuid4()) + '.asc'

Noted. I don't expect to SRU to trusty or xenial.

> +            key_path = os.path.join(self.TRUSTED_GPG_D, filename)
> +            with open(key_path, "w") as key_file:
>                  key_file.write(key)
> -            deferred.addCallback(
> -                lambda ignore, path=path:
> -                    self._run_process("/usr/bin/apt-key", ["add", path]))
> -            deferred.addCallback(self._handle_process_error)
> -            deferred.addBoth(self._remove_and_continue, path)
>          deferred.addErrback(self._handle_process_failure)
>          deferred.addCallback(self._handle_sources, message["sources"])
>          return self.call_with_operation_result(message, lambda: deferred)


-- 
https://code.launchpad.net/~mitchburton/ubuntu/+source/landscape-client/+git/landscape-client/+merge/437634
Your team Ubuntu Sponsors Team is requested to review the proposed merge of ~mitchburton/ubuntu/+source/landscape-client:ubuntu/lunar-devel into ubuntu/+source/landscape-client:ubuntu/lunar-devel.