curtin

apt-key is deprecated and will be removed from Debian and Ubuntu

Bug #1892494 reported by Paride Legovini on 2020-08-21

22

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	curtin	Fix Released	High	Dan Bungert

Bug Description

Use of apt-key is deprecated and it will last be available in Debian 11 and Ubuntu 22.04, see apt-key(8).

Curtin uses `apt-key add`, which can be replaced by dropping the pubkeys to be trusted in the /etc/apt/trusted.gpg.d/ directory. The `apt-key list` and `apt-key finger` commands can be replaced by something like:

gpg --with-fingerprint --no-default-keyring --list-keys --keyring /etc/apt/trusted.gpg.d/key1 --keyring /etc/apt/trusted.gpg.d/key2 [--keyring ...]

which should produce the same result.

Related branches

~dbungert/curtin:lp-1892494-apt-key-v2

Merged into curtin:master

Server Team CI bot: Approve (continuous-integration) on 2022-11-04

Michael Hudson-Doyle: Approve on 2022-11-04

Olivier Gayot: Approve on 2022-11-01

Paride Legovini (paride) on 2020-08-21

Changed in curtin:
status:	New → Triaged
importance:	Undecided → Low

Revision history for this message

Nish Aravamudan (nacc) wrote on 2020-11-07:

#1

I've filed similar bugs recently for identical problems in Bionic apt-setup, base-installer and debootstrap srckpgs. I can submit a PR to fix this in curtin Monday. Without this, a totally isolated install using an internal mirror is broken unless you make a custom rootfs.

Revision history for this message

Server Team CI bot (server-team-bot) wrote on 2020-12-15:

#2

This bug is fixed with commit e099e32c to curtin on branch master.
To view that commit see the following URL:
https://git.launchpad.net/curtin/commit/?id=e099e32c

Changed in curtin:
status:	Triaged → Fix Committed

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2021-01-15: Fixed in curtin version 21.1.

#3

This bug is believed to be fixed in curtin in version 21.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in curtin:
status:	Fix Committed → Fix Released

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2021-01-26:

#4

Unfortunately the fix wasn't quite right and is going to be reverted. Will have another go soon.

Changed in curtin:
status:	Fix Released → Triaged

Revision history for this message

James Howe (jameshowe) wrote on 2021-03-12:

#5

Don't just replace apt-key with the equivalent gpg commands. The reason it is deprecated is because you're not supposed to add keys to the global apt trust any more.

https://wiki.debian.org/DebianRepository/UseThirdParty

Dan Bungert (dbungert) on 2022-10-27

Changed in curtin:
importance:	Low → High
assignee:	nobody → Dan Bungert (dbungert)
status:	Triaged → In Progress

Dan Bungert (dbungert) on 2022-11-16

Changed in curtin:
status:	In Progress → Fix Committed

Dan Bungert (dbungert) on 2023-11-06

Changed in curtin:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.